urlscan.io logo urlscan.io
SecurityTrails logo

517s61.reminews.com Open in urlscan Pro
213.174.135.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Effective URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1...
Submission: On November 16 via manual from RU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 1549 HTTP transactions. The main IP is 213.174.135.1, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 517s61.reminews.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 22nd 2021. Valid for: a year.
This is the only time 517s61.reminews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
370 109.206.162.83 50245 (SERVEREL-AS)
1059 213.174.135.1 39572 (ADVANCEDH...)
1549 3
Domain Requested by
940 123.selornews.com 517s61.reminews.com
370 kneeansweras.com kneeansweras.com
119 517s61.reminews.com kneeansweras.com
0 c44wergiu87heghoconutdx.com Failed 123.selornews.com
1549 4

This site contains no links.

Subject Issuer Validity Valid
kneeansweras.com
R3		 2021-10-19 -
2022-01-17		 3 months crt.sh
*.reminews.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-22 -
2022-11-21		 a year crt.sh
*.selornews.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-18 -
2022-02-18		 a year crt.sh

This page contains 1 frames:

Frame: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Frame ID: 2057F2D255D464D7E5334AA08ADAF375
Requests: 1549 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  2. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066... Page URL
  3. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529a... Page URL
  4. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  5. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066... Page URL
  6. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6d... Page URL
  7. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  8. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066... Page URL
  9. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e3... Page URL
  10. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  11. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066... Page URL
  12. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2... Page URL
  13. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  14. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066... Page URL
  15. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0... Page URL
  16. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  17. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066... Page URL
  18. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746... Page URL
  19. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  20. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066... Page URL
  21. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba1723... Page URL
  22. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  23. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066... Page URL
  24. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9... Page URL
  25. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  26. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066... Page URL
  27. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f... Page URL
  28. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  29. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066... Page URL
  30. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedce... Page URL
  31. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  32. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066... Page URL
  33. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a187... Page URL
  34. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  35. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066... Page URL
  36. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71... Page URL
  37. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  38. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066... Page URL
  39. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e... Page URL
  40. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  41. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066... Page URL
  42. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d0987... Page URL
  43. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  44. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066... Page URL
  45. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8... Page URL
  46. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  47. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066... Page URL
  48. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1... Page URL
  49. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  50. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066... Page URL
  51. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a... Page URL
  52. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  53. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5fab41724be7f9b47b2ae4a1d69af6421637066... Page URL
  54. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d... Page URL
  55. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  56. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066... Page URL
  57. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b16... Page URL
  58. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  59. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066... Page URL
  60. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa... Page URL
  61. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  62. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066... Page URL
  63. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00... Page URL
  64. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  65. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066... Page URL
  66. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a... Page URL
  67. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  68. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066... Page URL
  69. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a7... Page URL
  70. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  71. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066... Page URL
  72. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53... Page URL
  73. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  74. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066... Page URL
  75. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cf... Page URL
  76. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  77. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066... Page URL
  78. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a6... Page URL
  79. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  80. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066... Page URL
  81. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcd... Page URL
  82. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  83. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066... Page URL
  84. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5f... Page URL
  85. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  86. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066... Page URL
  87. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3... Page URL
  88. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  89. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066... Page URL
  90. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883... Page URL
  91. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  92. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066... Page URL
  93. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7... Page URL
  94. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  95. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066... Page URL
  96. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa... Page URL
  97. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  98. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066... Page URL
  99. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca78... Page URL
  100. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  101. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066... Page URL
  102. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c... Page URL
  103. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  104. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066... Page URL
  105. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db6... Page URL
  106. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  107. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066... Page URL
  108. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74... Page URL
  109. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  110. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066... Page URL
  111. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66... Page URL
  112. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  113. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066... Page URL
  114. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e6... Page URL
  115. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  116. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066... Page URL
  117. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6... Page URL
  118. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  119. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066... Page URL
  120. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b64... Page URL
  121. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  122. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066... Page URL
  123. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d... Page URL
  124. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  125. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066... Page URL
  126. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff096855... Page URL
  127. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  128. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066... Page URL
  129. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a... Page URL
  130. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  131. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066... Page URL
  132. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbd... Page URL
  133. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  134. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066... Page URL
  135. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a4... Page URL
  136. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  137. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066... Page URL
  138. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e... Page URL
  139. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  140. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066... Page URL
  141. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d... Page URL
  142. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  143. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066... Page URL
  144. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d90... Page URL
  145. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  146. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066... Page URL
  147. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad6... Page URL
  148. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  149. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066... Page URL
  150. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9c... Page URL
  151. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  152. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066... Page URL
  153. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4... Page URL
  154. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  155. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066... Page URL
  156. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965... Page URL
  157. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  158. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066... Page URL
  159. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d7347... Page URL
  160. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  161. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066... Page URL
  162. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403... Page URL
  163. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  164. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066... Page URL
  165. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c792... Page URL
  166. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  167. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066... Page URL
  168. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e223840... Page URL
  169. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  170. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066... Page URL
  171. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5... Page URL
  172. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  173. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066... Page URL
  174. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1... Page URL
  175. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  176. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066... Page URL
  177. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734... Page URL
  178. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  179. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066... Page URL
  180. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc... Page URL
  181. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  182. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066... Page URL
  183. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af... Page URL
  184. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  185. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066... Page URL
  186. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46... Page URL
  187. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  188. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066... Page URL
  189. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f... Page URL
  190. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  191. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066... Page URL
  192. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6... Page URL
  193. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  194. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066... Page URL
  195. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401... Page URL
  196. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  197. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066... Page URL
  198. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a16... Page URL
  199. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  200. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066... Page URL
  201. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4... Page URL
  202. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  203. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066... Page URL
  204. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee3... Page URL
  205. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  206. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=16028742d091fa8a88abdc7ebd800ee81637066... Page URL
  207. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380d... Page URL
  208. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  209. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066... Page URL
  210. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6... Page URL
  211. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  212. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066... Page URL
  213. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051d... Page URL
  214. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  215. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066... Page URL
  216. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df23336458... Page URL
  217. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  218. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066... Page URL
  219. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aa... Page URL
  220. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  221. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066... Page URL
  222. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65... Page URL
  223. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  224. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066... Page URL
  225. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd... Page URL
  226. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  227. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066... Page URL
  228. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a05... Page URL
  229. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  230. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066... Page URL
  231. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673e... Page URL
  232. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  233. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066... Page URL
  234. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c5... Page URL
  235. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  236. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066... Page URL
  237. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0f... Page URL
  238. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  239. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066... Page URL
  240. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe... Page URL
  241. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  242. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066... Page URL
  243. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa... Page URL
  244. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  245. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066... Page URL
  246. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf45... Page URL
  247. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  248. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066... Page URL
  249. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a195... Page URL
  250. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  251. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066... Page URL
  252. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a... Page URL
  253. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  254. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066... Page URL
  255. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb3... Page URL
  256. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  257. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066... Page URL
  258. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531... Page URL
  259. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  260. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066... Page URL
  261. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681... Page URL
  262. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  263. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066... Page URL
  264. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c... Page URL
  265. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  266. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066... Page URL
  267. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe... Page URL
  268. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  269. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066... Page URL
  270. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae... Page URL
  271. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  272. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066... Page URL
  273. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee... Page URL
  274. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  275. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066... Page URL
  276. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c086467de26... Page URL
  277. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  278. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=23eae84e478addb2c7c9b59b2582eb6f1637066... Page URL
  279. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239... Page URL
  280. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  281. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066... Page URL
  282. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6... Page URL
  283. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  284. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066... Page URL
  285. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534... Page URL
  286. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  287. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066... Page URL
  288. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5... Page URL
  289. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  290. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066... Page URL
  291. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51d... Page URL
  292. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  293. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066... Page URL
  294. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c29177... Page URL
  295. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  296. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066... Page URL
  297. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7c... Page URL
  298. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  299. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066... Page URL
  300. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa... Page URL
  301. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  302. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066... Page URL
  303. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145... Page URL
  304. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  305. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066... Page URL
  306. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814... Page URL
  307. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  308. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066... Page URL
  309. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910... Page URL
  310. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  311. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066... Page URL
  312. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34b... Page URL
  313. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  314. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066... Page URL
  315. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4c... Page URL
  316. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  317. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066... Page URL
  318. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785... Page URL
  319. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  320. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066... Page URL
  321. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2... Page URL
  322. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  323. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066... Page URL
  324. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b31... Page URL
  325. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  326. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066... Page URL
  327. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a... Page URL
  328. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  329. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066... Page URL
  330. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b74... Page URL
  331. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  332. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066... Page URL
  333. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1d... Page URL
  334. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  335. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066... Page URL
  336. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd143... Page URL
  337. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  338. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066... Page URL
  339. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a1... Page URL
  340. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  341. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066... Page URL
  342. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd559519... Page URL
  343. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  344. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066... Page URL
  345. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17... Page URL
  346. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  347. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066... Page URL
  348. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14... Page URL
  349. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  350. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066... Page URL
  351. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf1... Page URL
  352. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  353. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066... Page URL
  354. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352... Page URL
  355. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  356. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066... Page URL
  357. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6eb... Page URL

Page Statistics

1549
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

8124 kB
Transfer

9781 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  2. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=uJPjej_d5luvPLEfqw0hdPnJgU10nZBnpa1-D-PcCSRGUR6luLEb1OW4xIk8EXvHuHHk5XaZlpV3YgxcbJAzsDc152w5bzUA-OG1O4c0Fzdx4MlZmA8fyBMGNucVuHzOKY5BqCweb9fITAeEHqLvwrsr53nc5JZevm-zPVO74cAIvGl8XeqGaBkI_WzstnRo8vbVoH6TzRexXCQUH4B7KC8e_T6Q9ZQmTX-0NTBsTe2eMYW0sPJvIBOjQScOhyGBuqVWtOvce0gtth8XdbFy0Zzzt1cr0E8D5tnW8f2SZW0pw6ZzaNrjap8Nd7UIhE5a-bow1uxOnSEjetzrYNz1M1y0XQGjz6vdq4Zebc3CvQarZ7ilcXIzkvJznYAsr5ozDBa4D_afOSdwYKtzQgk4D0BzDotAipEaaxEBB_ZAp49TM2NlrcgZkk-Cmnkx23pq__fHanM6kDNBcRbdvl8qLB1OcKq4hlGsJlYoHFE7mEvnJyzwJXIXALFCaan4e5VcaNvGHRLvfNIdoOCAup9an7koLmxhaUzvJalLbf3uU-JXifritfnuYGlMC3k4MYQs4WQG7E1W5vwUFaKSvA9zQi-OTJLdgf8WFJiNaaoqFuMci38NWGFbB79gl49hZmgMXG0M5PZgjVEiar5pB4l7SkKnQEuSLWSQHQr119lvd6zT6A-eFaXH-_U=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&2 Page URL
  3. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  4. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  5. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=ly3a3YMAkMtAYCO08PLwjRn2H6ZMRAxor3FsGYZ40dkyN-hjZoYUtXnh5xhFiJ1QXSCcDutPXfE_0oCu0bp_rooTvBC0Q1mtG36uxFX_JvTiQ8JU2TIl7OU-jh0oYvnTAPTNEbv3yVbQggtceCNU2-6dwB8ancfGQ_WFqec3wsrInjDBmAYZnrgG2hNkE8ZrpweyXDZes9kD6MwlqQxuYG_vTalQeSDh_4ddTTtu2BrNBTJMLBs1JvSobqntpYPpSbtB4zQEa1X6I4HQn6SOpvWovEI-RyKn4UJIAKXTMkpVf_bqpp-zEZVFgPzMJeMTKRC9vqS90zlUoqju0Kn6TKU27sVwyrxjI2ESe9szr9YEMJ6YN6Izr-38g5EULXZ-kKg5wAx9JxPAqTDruEncFiJfZ9Isauz5djG34VX4IesJeVVfhzCp6HcGUNw-I6gFsnmHaYGJYgRKuQ3NbDNibIEMXmY2Da1OhOImaxZSV9DioEi9NAGXePONWlW09GO1HTLPLilp5Msm1Y8O4LE0TQWGF1VcfrWs7MpFAptQ3BiqEircxKIIjUhkvyob53N02yXButd2S9LiQzJW4C4LsfU685x3RN4EIknToLh64zS9OBvY-UrTpbj1U5HOFvECYmzA6_zPussEZcYlu7RdEWpsAhdYOix_CmS_CxcloA7d3aJwfxQkpMQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  6. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  7. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  8. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=yuKh0Jy8IOW2Sh3SMFnZfwBya8IcR7p6VQq--ZYGkOXruK_dOl0tirIej56S2U-oqbcpj_DugZBdfcYHGwITz1MqgUzMbgifJJeg88tIcjojCuXsRcMeQnQTNHXUTKs6BfaXowudRySNPMtkaIVa_uFrGWK6af0HBnGLD_2y_v7NaTG_kZkEALgtXK1Asd4yl92PZaU2o8g-JxLm1uKtA0aTit3eeJW3T_BQ4Z2Bbfnaw1WkvWvdgkFFUW-R8Ruk3doHI1f6_p2Ahq060tCMkLb6ge7UVBjA11IrkMxJRwp_eDnD2AhzqNOxMjag76YaPCTgNr_D73IycYRswwqJgxrdsq_RxLkEs6CwKIkso5AV9QiNLpaRcUjXyAP0oYzIaWUz2jjOvcUfxEb0mwvlmuSp-STcm4jWv9TvEj1rxQcIwlLzYA9_TvB0BkmgozUvnB6PDYypu_Gu2QOYCWy86-VJ5ei5WagiL0MwYAEjJotmzcFYn_43g30DOWo6saIdNvpC-bRFAg9kEkm2-LIU6yqVAgGvsXfsO1StoGyCXytkAnnGLQN_xxRwC8vJY6CRwsWaNJoRsAMiFv7fAPRbU-KaDotdwSthfkoDR_XuxJngY34hgtdHoFKPWnfX8089ZdORi6ue6yVt5TgxGw1rxZ5sRbLnxYgYgalv7rtPmrIb1LflkJj-_Nc=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  9. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  10. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  11. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=hjUkflamZQ-_8VglSAGw8NQq9DSofjRSK2WOHUfF-FFusTHEQtc3rU8pZLnZr3lNp1PbUYp3ikYzfDrMDvabeu7d7_Uu4PeUhKDUVua30TM8wMrpWMFNpMXCm5ZKdVF3rIw-x0V99mvY9JaNJI2sgLzglbD3iIxIsWPeIVqb4Ih5enmBKFGlHtQ48rDnhT8i640sNsUpGJdZG3JcRK6CtgGQRo9ZcW0je10FYoCuO9N4Q35FQ6avMt8pVV5d2ci1K3Zy8OtfiFKn6Iq5NswQBFIR2znCIP3jEaEuWtBPbVD-_tuHRMRZHHHrsncZRZtXNITlc29HzxHBQKoutiRy5cigKC38_0RCfFbQz7U-fkpsHX6AnBpp5cqxLTp_d9PtNZ2zxvE5XPsVhboRbdU6mEVac0Q0gcNGBnvsVRKHBmQ_L827pcznoAFjlLCk1gvuqUrs2fVnAih4EpgGZg4Ish5xGMJg2hUjD89szeIvwpURVqn6EDT9s_0_zYCht54U1VnBlFLzpS5eXO4vTLNGGWaG1jh30VV4p28yX6iOexj17CBWXOl7EJGzKF15Zbf-vGxxQrLvI3JoOCEulsjmAt_V2fFDYdIrkAefpKDu10EVoyLHOtEPIg2yjVWRhAMRiirYl2Bdn_McAHaBpZ-_OzaNdWwXK85JAZYEgP-2rDMg5udtN4Zd0WY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  12. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  13. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  14. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=Y9mKqUOTlnKYD50gVMd_sGRPbiZ_VQrMgxFh8zi1qqV-QekQ01IjeRfrC-kZYpz1B5Iqwrs_xHsCyG3yKd1RAlZBJ_f0WT4sVdCNqcgPf4XHyKIxlwH3aoZHw9TEDg5gZHTTHVfkpAVptF2MH3qq4_XZRT8JsrMNSGm6mT24DsHfiLQ473YwR41JG5_xUndS0D-yUiOG3e7JgeYqwz4zk5O79Oil7MMe2TUm1SkyfZACpxv_XYE-_IMOKb0cbM0So8EspGYZvLOH4gRAcjpJfYLAIhINgjUYT0c5rk7XYbBlNVsrWFVT235XllcD4GUoQsOQjrrDAPZDq6fbH90gdqwGlt7MpJW9rRSad5CApCPeYEUqrB0n8Wm7psI320LFM85HCmnfkge_69SKNucOCf_R6S-A5QVFr46_1w_poFiNoo0HJTZLluCBTMPXIzajbCoa0pWXRGy5RwfJBUbdcSROXTu6fpg2SNeNZN3FA5wRk3L8xrT5gnK05L55IyHnUFVTONGhQBFhAF9UWdrHAgBFfJycnTSjhNXjh2Phc8pFeRhuB9bYlXauEg49stwgNMpwb5k9BHUS0AOvR8UGpXHucHzEOO961FnDp-BN7_4_JFk8f3YTRS7aryky5xaJcbe7h6PL_rKG83PJZHurqvhH1P1MMRBDJ2Y3kX4fBpu5UtfRFPts5Fg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  15. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  16. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  17. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=I1SzTRhmVR0u_Ere0ozsORUJOnzreYhUfLc_ueeCaMz-oaWJQQj4Cm9y7sdTURvGlji4kAZChQm08WsqABm9g4zwIARG1FRTOv6Drinb1OvTONPAC9B1hJ5Nz5Ve6OoY-iTcyuKrgd6qnfIZK-xBtSvCvMgLr4N3qG6rQmMeNe6obOw62uzepMQfNiqcF1h2oGazdVAkivxAQfy00VURJJ6jpEq1A3WXhopMwXkln2pA-BNqf5lktxD1VFNOQRPyW6nZ6aLc4zHG1NJUVPZhKX_BJKcyoQ7hjxU_m5gMpujeqhFJ9x5YSyf7xP6udZqCac5MIuDowip7XHcqx62JQCPMG2mC58wfURMBSCEs9WFLUVU0rAiMA86LZek3AxfkC3m-qmeo4dIpvQmyOz71DkpNgR8_tcrG5Cba1Uf8bmo0WqUVz8uCEgpFNLhszuQVR9R-jOG16JEdvPLZygy6sn9EMyjhXyNi7XjvY4M_CsqvpjDfXFjxS5owJ_CWixoU3ws2UkDHkViNT6V9Zq4yz8ZMQw-ddgW-w5lgg65oXKlxgDhBJ5YWGAY12lrdl_wv2h42PVIA9vxm5z9GnhX4oiRxL57NbGUZG9lL_kqlBkMSkyFGHHuBB8xui55Y1AHDuDPtXWP30k0VbhIIiYrcISx2NI7_1eQ94qFPdyPpGO1SSIbZRp_8kZ8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  18. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  19. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  20. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=uXiQ9kKWvMJDl4G01vSZZpvz_X2zK-CBXaJwsVl4tO32Tn2QG3Li7RSBPCOZsO0kHa-jAFaDZUVV6-hrdpNGGFimYOxuFWw5HqROOw0Q6dTlGyRC3aWS_JYjhfW9TFvYA3wKpO3Ujwa4yjivS2hDq6oqxIKQMccSlye2Fl6RBOgzmfBJDyT1qXFXaGny5BtgQyuDgOcBbVOE2OdhYcRUn3cjaz5Zxyn2-OWf1COy5AgScs5VqyDRDi7e2Y1rGACa9aQ64nm1L75L8b4-DZvIKYHOzyKQ6dWSGsayqtNkler1PP0gHJCH3xYIt-_bVe5Ql6n1PHYsY-eWr9hYsyczaGCAGP2GoXJpJH1-rEYfInl-CItH_d69m7G8s70WjpKTltsfrfIDsWGk0qXh_iqei2QC00bFjZglcb1Khj3sBRceLOtQJh6q5VRtBLhHMGG_3UGrkTUuEgsc-aHMKLHl860svfi0SyeUk8gUmUJMbfN4Zgh1d0NsD9YNYlDA45MOZyA0CojQGVuN0G-Za8-c60ryUYMf0V4v5wbXiEviamiovOdqDldmKblf9D11-PKHDCXuS5uVhs5-sMY0BHRc4Jg3Y5eaFGOs2z6tonLrodjn6jFZdM23OQHd689LL6l3zV8oFNRLBKbmJUMuoZRGC5pRlkiF2YHaX6viOSe8ygqyKru10Tw5Hzs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  21. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  22. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  23. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=86xUYpU6xB-gthhHB4r9cTgrqzoM4NSCSoXo_QixYzaZFZIbw1X-FNEfjzVzWWSlxiZg4w0A4LvhAAr2TNBnUD-PEzDF1cHOgKpLLATI15A9CGL2nAk5CSKo2ncmg-YFosZvc3DrPvNcCIPLSlvzGO9DUiGGlkQuKUriu-6Cnfx3J2BB36mGbxW0CKn7r7qJHLgN49x8yqC0CiI00ZyQB8ItGJoT2ZUCXBzZ0jnJa6zdw34LLhKK1VHyaNSKQ_7wx9h1jWESUSZdEcN8Kl_kJVrYSuoslBeIiPWvpICb5qt-oICJ1Exy6in-vxPJzElP2z1l-cndt2bvckOrQytOqWivt-x3LoH6pvABfIFWFEAeLsoRt3T6um7eSVspxDJ9RctoL-G4P_f_sfd25p7g2UCmpjSI4UfMvoUdab5Bw3q8AByCG1MdK5BD4a3EMv5b_Hti7NdM3Rp3mAAwAOoztURlK09RbAlQc8gGMpxiEDdtf6vVHoVOcInEvSfCTnZ_lkEV2_mwdDxYyTax823Yllz_5Lu1-kXNW34XzBrbeS_1MbnT34jKCC7hVVfFycXSoAju2ffbGJUOUxzna-QlnTJ2yR9JHzIvJmrL-4BGDnOat8KuNESd_E8bIaJezuVcvgDCaV-G35JXBXGCOouJahb-Q-zQblrx5yJIEMDvA-EIKuUSlvhXvV8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  24. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  25. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  26. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=I5YMO4KGA1A9EsRJlYr7mdjRaNjcySGsCTXAIWYPFEeQGGN2VkT44CEK6ukLfPaUlv_k4oialoU4mXhciqvp3R9WJu6Ia-cWSA0_YiH0D7Zn00xyD2_U7l3zIM4oMZzetxYmwb4R8YhSes96qLAkJCtFcRt_XsPhZ0SyZXdYGEtWISNvmNmKKFeHMjZFiipM9TtUSXWzlBfjgsty_EM_E_iVBcA6xdo5Mw3ms114cvvuaDURaoU_fBXYb3hxkb3wk7Nci-u8Swf8XJasE6rM9asYp_ZZ77g-sbbj61Hp3Nl9qa3ri-SN1R2296v-bEPMJYeFcF8s5jObSxI9eeQWheo-U0cGJ6sWdI0yGyA-bF0dnWON_yH3APal5P6G_OmPEWWo4dqVGXHndSwX_2tABRdGAKdFDlk5hS0UOD_r-6o85m8r1_l5rFhvrhUXGQX9-MYqi_xfwyQAsHgQqJaSzVlYynD_yHxXkhKz8oL2bRUSnjKzaUkbl9p8hBTRqgNyjGZ8G4kF9mLTgWmogxmznlh6qYAhZ7nbmKsiK70AvyVpK532ZYF52lpmNb4TcGG1Cj630J8cWrnTJNzBgRaKlW41RkWgbGWRnzNirrKqXjBqxmBgNp22whoZY59HuZUjoeeN8DKOpqAEp9M1cVxLsf8EgmtPKT-JfrKnsRznCgvPsxXDWEwxxfQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  27. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  28. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  29. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=j1cu_aGLUDi7fPNGInGjt6YkOAFyOEXvVVwtM2_C1HK9mAA33uma-wRpQjV2h2AUiz1Ghbyk6pLv2_cOJ9Cz4kDJV1lQVba66rgXGHOtbYmKoUHfAi63UOkIbLJINdI_rxDW04aI2lsrxZ3yKRJ_GTHjrjyxj1EKvNGQcTFGoZcSmk1rZliZCE9tpbag_INgotwc0gOVRZWt51RGz0WtBGt7NV3WyvaGqOWTiKLGb82eHtKr95SgQ-KEYkSvgTlWkb2p-J_92flNcHQQKDbOVXh3Uuv5MDg0DRnE7hNTwurBskTo6eamSD-sT4e9YesEDwsmNeg5CQ1s89wUx49nR43XrtjINEmN2pkmVWHXbSaREcNGIYVN1vc-QzNMSKZ_p6z8Nl6ypWxTXGCati0UQ1cqLPTeoNSNkloMgvXnmL99P0LTqA8qfLH0bP8vkydEgbondIGNi4VbJlxQ2a9Ewiyuh1lErK6B_ApLI_kE2jbzSDoYbxyWZgGxC9O4yrFrf9vzqOakhCp5Wrhv5buJwpYTzm7UD2gdglciyHB_tUGV9J0DhBTFy7_RAi0RA8KfQXlJ8w9MTQiftaCDINUbbKC5WLv1dDkg_L2exHg0BggK1GJmf1kXac6pGDMqAfVSWycb_WTNPcUPmWNcBST8wT0uao-dMP0ub24uBX0FoKXUGxgnvV_4M_A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  30. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  31. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  32. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=rnHxYKx9urGqM9alRFJY9HfWAMpuaSAREfTPgjR9jd38XNm_VagFKbNLLyabwYcl9kQErnj9RiUr3oJx00jHqpYoQ_GkSgXgM3MocfKRR0T26jKKOcbMXaQtKUKURODsct5KDUygwHyi_2hb3wPgjZQ4DUJNyhfagy-7Mn1gvok9sp8myIwan03o-zPX5f5bP0OVbjdjBfgXD-G8E37Nucr9wGNgiXWPEwD9tMdfre08cV6UadBXwOkrcdc5DbByVBzSydkxjnSEFC-zr2ImjkzBKunAM-YEwr3lga0K2npqFFr6Hpnobbz1-30kuJhsWr0dlv68J-zAcfZKJ5Wz6ge1WwL6jweyTlJ_55ijoT0jhpBhRFdqhy9F1o4Y1B6dtSlgesb962p-GcZvR0MvwOlY3fvi08mIKBzJp2zBmR52hCDL51LBV_Ecw5kJ1zuhTOscRYYjaGoXEHjJftwSnuXVZ4Y_iXSAYqk3trNGOis78xi2sdzNY9IXnM-Ypk3TijEjiOdYUZwHJfjCrcERQVAEWP_291qE7St_oGwI0RuPgVkmp57lAk_iMjR-8elvRMrskLSGziFzlZsAk0BXXONZfuDteSy2Y8ndEfyyNasNrX2nxe4jCYZ-FthpY7Zk3OZGDYUJaHcf4_A4lSV3c1UCjr91FFs4PUg3Sh5ueP5CymHBRAmppj0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  33. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  34. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  35. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=DOvMDrqLD4AbhobWU0NpZKjODcZBpk3uQ33xujFJyQ1WXnIG-W4BkKMPfyizJsa-UdmhoXFSIDe1HLHz1v5pRLgnKQBa8yrUM2bkPHggScRXY_kdfLXxPYiLg1X_so6qUZC8J3MzgUhgUe_iCTdErDSoPrNkfDcc9I7Vna5rgQvoXZ3H0vW8WPFfxKRVEwJQYZ7HtQewZ0xeGqgH4MNAv8XNAdiNSh3U63GrsHdIK1-eAkspsL_OvUh1jfatMfdO2yg0U-DKIJWO8O79a5k4jX2GI7Ln02BvEb3H_uPBqnm3Un_cCaYGDWzt7clp9gvuUxuXWMn1I1hjnwX-WMAHRECn8wAMGDrHeRhiJtGV8H54UztLfOVPMMBNPb5c-Cql1fCVu-TgIXTX3lx0X7ZNQW86WDYCansKcIG52N7kL9tiXk_DNhf9rTGCCyap3R7doXYAJh8gj55d4V9D8NlTOCxXe4dSuXRfPz5LAJq-djfVf85hcwlR-blRydklaqvWetKuvNBtDhOVjTe82iOTOwyaXTZvbVzdMDbN9PN0UFE4DEY1IlXhD5A-40KAloZR2puabbGcbENQIuIET_dtQy8HoocUw2eIZvVe7jC-R5AbJMuZmUghklfJn49zKQ1cTwxFNHz9cpwCq65OLucZISYnIansVE1btZro15CFslw4DbPd3mfx2-c=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  36. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  37. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  38. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=x1eq5fqGPubKdXQBL-bEasdORIzuD0UrFL2cu-9PSVyBawOg4NjPtMIO3WoE9dFZy6asOq8I7OpgRVv94hT072LMKlrXzG77hwsacwMQozeWKJ0RBrzbUyLBKs_QkTmIwPPqd_JbgmhWEQK_vS36g3T0ojL2jnsLNsqr14LYicKqKk42HKDsnUCTBL8xFFPqotl23XsDSU80bztgmpKVTOYvWcHuwB9VfBiea11RsKbz16zrrVaJiKpKA7YHoTnmFrG-uy4kJIX0ara7Y9Pgo5pmqJUP12HVaFuf-mO_nX7JDcnn_48Z8jEOmMToKZFYoQuqUfldv5-uTp8j3NPh08AmOWJaSnhZbYs0nm5lefOmXmpBezKniH1nPjXWXX-xpRD9Q_pazQ9y9rvo8LPsF_cY0Y3ZnLNVqoDOLZXchMp81s7r7d2nrjV_krVCOVhlD8CdAP2LXGIOidBDOSecU0Y9g6wGOVAjFYCn-5A4-of-Hl8Vwx2D5kCMcBPFTekRBbUeAxdrYUOKtFfPNV_fg3Bgm9PmCIete9o2jiL10t5GORpHMygTGCO1_VaY-vK4cj486m6EchrZ-ELs8cK_jM6qvYp8wFD5tWTsTAAWqYBi1APnE7avExrVpJ1zCFVL3HrNFrNDV7DZu4MiO30DatcK2x9dpgBOGL4BXiRlaThg48BsR6rv218=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  39. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  40. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  41. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=Tg4mUCw-gFKxKmtp8UhAaKcS_8MUsbiFumSuHs1jcYmzIbIkkElRbONLuDgPQas1gWX0GP6gsheSAuvwzYD1LENRj1JtUR5GMXqisrVVdpMuGfQ_ejoffEBG6kBkozvA9Kpx1arKR6DrljILBSLPDum0efhYmEgZ1sT97gj1F2bd2_cAqxfpOiwTvgyW_eEuXb4O7m22C7Ikip2CU8LQ813a2H_IP1-_IxhlEhcKBEvu693yGlxDZzU9dJ-BUS4cW-EDrqLP1eFamVR2M_xfabcm3nSW-FG_HSu1bNA7XBgMuq-CLnK8AazGERyHK8g8e4hw-ATIG97UnTyTFDOx5SKqmyV7-wLhVkzj2jNBu6lTIRFNMEEeuB9lv-lLQjmoUTOv8Zo8E7K8jzFpgyvYxoz1vpJfVQZATZf3YtDKZnm03rUaFtOggysxTqFU5hPQe9kmdhZ2o8yYGiNOtg9HcgijlzFDezd-ZuY6SUakh4NQ56arvEsz0oGgvh1pwMUrPqHX_ATH2h1JqA_edfsf9b2wwaelAni4u-rj_ohF5iuJztT34iQms1atH5ZUB6j8uVnzIUKp_YnNMGJYojtRGUDnWaISLnjrzjEB1VDQlYfxrDhfg4EQYjxncA1gEPokG4UaQpjwU1Cwxh5hRbNGI-BR-1enApiaqeVWfaK9YyJiV-iBViqFfjk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  42. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  43. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  44. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=PJUdWpwG6LYbf3iGDtWQ890D1HaF-EEp7HCzXg5rIzI1pf2NvLjx7mjiJPZfzF8VUHGG2-nQsZ_x8GejAUMJUrWCwkXeQS9em-zN90xBO1ghnFwDRecDSIYS_hfzc7MOqEDRVytZ05CER7tL0gL4ZQzJxlCIE--7xrhW80YfADRK6sZV83WAcs35EwqaMr57x6XPCAUUKxt-WdLATsMxPfT9gaqremaz8uCakkMQwyJje4M4JgrCNISGgvl6vpGb5BGCkeil5XvuQ1xasxqfxq0l5-ZLicDMHO_j9ZEmU_SRLtpuScDVt65BrCnrS3td52li3OpDuHa74v8KdUZ9FdpFdd0_55TX7rtrwncBAgsvJpmKJ1EL8VWxSsN7liYVHsAHKkoqmnJ3TQZGz3ZFinHUmL2ATCCW-vR__ryLM-cmATpus0dbS6H49ht_nJBTcIPHG0D0D-8Y2Az3rXt25-axS-LtxGvuzQvgEYWJeiQdaglYaAQYQZ-LLR23OQxB99QzJ5-6HUr0dTvd7Ym8PUus2AX4BC-PLgilQFrvitC3jnOrFmLI8GsY-4xoVvD7dbHQtOqimKP1OnobWIT3vEn8IHVVhJHerXjk0YTylC3YjxZq5ZKhdhedsoqtLCQ4skJW6-P4ZfNM7Hu4dzCxcFR_tPqitFtC3QfmmIZ-JljygZGgSoWFHDQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  45. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  46. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  47. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=c0V4xWb2zfKhCeGouNaORHxcPc9w2X_22E7kTM-prg2OgRLXUq5eC8S6VcM_ArsR_-C9cIOKc4QdwxVSJ4e-qeTEuXN1nJQq7ikbg8OuMgkPGfd6xdJ3BnnjtVz3_j8FNjsydzr0pM4MxEOiQJvlHykMyQRz6P5sErAYyFe5gAaGXyREv1dqdNp7wxtmSh0sabqtLAYgUtLCEX9Brdasx_RYd66RG-NPnRYJEkihCzxSm8E5XOyZJSyxg0-4cfJmiO_PrxID7rqzr6twUEWx2yBGh6176IFLFnr_XYZ7A0JJYjfTHmuwJ0Liomw49SH4uKfbJtJwTQ7dVqBnG4-ehzdlCgmnPq44abRrwTPLd58brsbHe68zLfvF_kAl1AG6XC3ECZ0hltjQ3tfVzRGV_5DDdPxJSeasMtPoSZbRyYaZXUhFBhB9tieOgnntxs27_iQwssJtQXZGDhEWSDZtBLZUVMa_3Qyq0oG96LRxHQMrTLXHfsXi0QUaGHO9XZZFCt5og3rGzkkMGfF5stcOKfDvhGhN21JImhJcwqZvi-cqYDvTxA737-U7PEwCiyD89qvvpkBlaSiClokr07vumGzwqJ7vsz94JC9QtjJfwv17Ho6xQe-QNMIzns12slWAgLcWeTtebOe_DH8XU6H23-RCI5LSrU6kP41OYykesVNmgjzj6I6Uk5A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  48. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  49. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  50. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=iHpWl2410h5oXA1UOA545fqUhxNjMiNrnNTSrcolqklzs8OmTuoBxfAVig_AeiVg20s1234QCPoUxeUKZbUzrSkmBhUW4p0fRdduOEgGTMbaM6v7g2tFQyUDzxxTp0_dfpwj_iGugnNUwA8Oap6Zu3nJPJCenNyGDok0coqlt_XXcmbM2ci0wnFgs6ooiSaOrE5JW4fHGVjHCH9svEng9-GoKp4fxglhznRQvvoTTDf6mFW8BpmGAwb8p9Bff01omvrpRon3QkDLP8jtFg3QZjFK9ivdRSFPPEA5PkHdoMYuNS3g0e15bU4J-AZsCTtDwGo0KwUTr9YlWgbUxGdHPwlLEUHqTEoci-mbRwYdX-qFKx2AHdMM825Ic78QMRCDhfQZsm4UGM1JidX08y2iT7_rE4DCv9m3I9zTNDwGrRBd7drjSag_SQm5GfIC9nQ-BNCjsDMeTbXPrjWcUhvNdFh1MUPyWtXgM9lsXAU_X8ZUBuYGn7RZheCu3eG0-rge72MIPT0h7tH35UEKYLdYgdjwNlgm32vaxbhEW_jqhXmlFIccNdwJ6aVdrkT1cmYfNNQHrtqi9C-RDqAEfB4uJh_oAcRh4qsClTrdRkdhq7UNc0BcG7YJXvvHDza7T3-d88aEqvHbuPijYxdJ4fxuhVvQnsMrEbmqCSWmhzoaJrSdtmce7fIWjNg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  51. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  52. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  53. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=VJ0Dk1xDdTadmfWUR4hLC78OaHcK01CDgKCNkiPl78Cj2elHTXSh-XR0n9m56ymU_V_SGRSLNs4PbOkWVAF3ekKa_paNzAizS95u7I--EeQ1xnOXtTlKqtxoIeQ3x4jZIr9RJcxEPCQFXNYLRyfhXCBCCki2h6whiSzDCEeRnfI-y5e6Qw0MmwNAFj5T82bzXrLPqheR12srR-SAEDjPvpqEYNi_FHb78j7GPhWRCHQR3orU2NUZiG6AZJbCFWvLijefR4ZhESN3e-LdEo_J4FyRbU-FAFxuRYW3NXQPV_Q62VSr6Vroz9rLz1knoVS8KdpEF8yQbpG2PtL5YHTzOICAFnqOpjlPp758iX4Yrot1d712rvWwRzq9PxR3S_2HlwG6YaJE90wJ6jZCCiMaV4LNQvKk6TsGVVyuFvdQk0Mw5CVVB5Ws5hKJtQFc-xdBDAPz74gNsCckrD5WlD_QgTtvyPJFCbR5EE3VW5O4Uyq3VIVspB2AtAZKGHlCrqt-s5o_y7vM39LT-HrZjehOBs_gpZ5B3zS0GaDgOGQnAMwIAbaO7ud7ElWAbTogDeJCLmiFx815e8hhyQXbyPO1okil-VYtNzN5RkIZsvuveRlxj5Elq4iK1wPegOSjK2RHtmmHNbi5VgqutQ9apigg0Z_A-H76nXNrFe0uCtrihubU-AqDOeMlgKs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  54. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  55. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  56. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=3kLFM6lssoFSyWaYxtcF0tuuESVUSJ1fUGO6L71jLRYvQoGTgDyTjZuHv_0b_8A14k1A2CZ0BYB3pZ0rv9oXJUPNmkHggAOuRvNAxLgKWgLd8U3IE-193MiERoO1aQ28haPt-uE8JtfF7BCAcc8YGQ3WbQ4Cp1FP-ih1JVunPyDhn3zhp-zS8cXh6aNALymYrT2GYdOyjsQPjQvslHzf20Wykba3wKYjkh77Fa9UFKyZxuh6fZBgoLUi4RTmbeK9Tfys-123jVOT90MkF4LWh1zDYFQCafRxFDRkXpBCu1OUgqs3TuLkFRFwOXsXsXQvoPJcAaA62Emf6Rwa5pYnZaZTgQzxv0xCxmeL2s9cMQltPwKtA_USAJKC3XTInnXCXPDqNtngSfzA88lydQv0nRXTA4Tf6ACrMn1NZNmr7QR69SkAZu_3TAIY_aaDyOWnLZMO2nrwVCKSC_UUoCVV00NkQ6ve7UbZkDgr5H86vwPOPkVnvQGZqvQ5RyO4W-jA9OwvxjB96yyH6rUfx4sxSlo04Ry6tzgRBFeIV12xRbBZjC0f87DQXcqQsDr1ptQoZp9RNgBgCNKPsXdxgodx3wGUL3_hUnBInJn6Y_ISxLVAQqEFI-OsUaiwqbsvNYs9-mjSd1e2_3vXmd4wV-rWzJRhRNJtuczcoa4L1OKIhv37wJmFTS_w_90=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  57. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  58. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  59. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=4UQorjnJtsTbTm_Lx9_eJ5PrKOQ22royLgnSCp0mbtCdz5zWE5NHUOYDTq5AWKFuxUErBtwfSRtj0LjsaFQ2nAPf856t67_1Gs2IztN8kKWjGaqORT-duS0-z649-2xb94-ba6TpWJDs6ZheQX2Xv8kjpRIMF6rLMLOeYw7roIacOtnu8odFTBOVOoOA-vm5GwzakcVRQ2tj-PGsmrfdi5CybqKhhk3vdcb4EOU7xQiwhALFR4yzPNhYZwgPi2qZYVZ_dnHu22KPY4HAsQ22PHbIZM_eO-4yuaI3-b_I2db9ZNf2zixC_Zxis2joQs_ciLB0Sp0xl-hc_u39IJsBIZPRk5y3Tk3AKyPIg4lVY0FoL4T6aATl6L2kWgHT5RTXnR7nrYdZRFMzCbaII7cDpgUN0WjfSSF2hjMckUXU1wugglpT9dG3e4wdSGPxMrjalUGYWwvFkeZ6lZo_QVfprKn7s_-RiByxaYt8LT2xDd2uAzgeFkquQmZjqoL5QrhWDTsdoNxtx03s7O-CNCgCTDkA0_9okjCJH_ARTuWWYqzahkvQU1pV_-fAaVeyIFlMyBw3uHu6O24aECve08N3yC5hEXFJcQ4oqISE6VT-5oTGBvAwOBFB-pGvbjSiz8wqAS3jFFWrB-vD8NMe5frf-iqXOEwNxLOKtpMp0ie-xJk8K8MsGasJlvQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  60. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  61. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  62. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=ph4_Jyblrg9C_Sqy2WwLKqLoWjrerPf3QlmxM1ExBWfaouJL6v0rah6VANhOSF5J0lGnOjC42xaRUQ7xHCdqlqL9gAZ3WNx2hQDchwDdeljRMNjQ-DfjxlV7kAXqzY-50St0mS3K7iYDypJbppvV6Bhgji7LH20UtDYswx0N1p3N2fOelbao7ho-LJbuYQGA6rsLqnLr2zRKtI1cC9hX0Z3LIvW6yUH48TUb2r9fgGdymqlgs675HYA8sdYtnS5OFtKKidsZ6CaaYHbBAcUqo4gw79mGPjsgqzfi_uSVhJhDWHs2SE-6E8MeWjQ8V_pSunvD0eDzxu4tg_qVadm_g3AmUFG0FzxpCPZvEHqNaL60lT4SrZcllqbi84hjMa2LMslK-F8aVrSXXn9px2BxMAX_lrHMFz7W8SGioGX_wQeklol0H-_HurXoXDvDQy5IlmgvfaCF0D1nQMHrF3qZOHmmJYYV3LHr4zkdFAEpiyleEV-_Lc1A6P-eIVntel6b1EbSOWsV8S9vdv4oJ0-JUQ1Y9DwF81DBrvR7z7_ievCxkRcgbMhq2t_Y1I9rUOwG_m1iz3taVU9vz1uQTEHUl_GiN38a-44Xmi1z4BecTUsKPJBLACVCVWDjqRaZF5JACnkIv-Z0KyBTBLme6LbE5XP-kz_soVKqJXbGtyeFcd_RIj_NCqurHtQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  63. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00f45b896e512d9e7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  64. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  65. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=hsT3BF6R-rIytNQmNDzQINVCR1OYv5ZlJHLZRz10wSjMtSqVe0fmCniRt0XGVKMkGyk6_gipC7ExOs4OGMma-Iyh_oboPUJcSJnkOHkxuWeR2DZbEYYE8-sQAc1fVTCeuem4aCikIXehZtATB0kSSQ4IofpuEn6eiE7QlNDMJlZXyl0ek0Erb-Hm0LatKoe_eM2qy1Q_KOVSt5uqYJSx5_KFsm9kEfQJLyqbVWJ-WfPrf40S1kCmA_E_g8Qbn64aPwyRwf029fuk2h5tFBL-8LV82tMtNv3XLSHp_YA2_jvXNfPo7ZJhF9qKfNiRXPlpK4KvvhjzNW7SL_aL9Xm74irM-MXd8z2rmD5R_eCGRRh_BPJpVkd3z2yMSTmX5u3uDVi57enqFyrpPTUSWEEU37rDatMXJajbHMi_QPlMmG_kKRcyiSfVBH1J02F8X8t8cBZWwyDdqq7Gp5EBnV5K-TCo7CBEUcDuNeCgcH0Q-ptkvdHQtzBXFab4Mg0lBBsN_3rNa_G1caey-OS9ULfAozvpaUqKQuNTYI42u9QHjld1thA0eOVlzWbvGC6I0zRYgKObCpxsDmWeyfXxuXfTzLtCzq8LjJX8_I3nLzGoMs9FqGPY_c1Dp2ep7tG27LK9qp7ebnTjDMIfD8wFF6mu0RZLuKz9Zt_SC0Oe7GKbY201qWYHk4SA8_s=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  66. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  67. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  68. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=TwmsGNsWwgzJLyJoWCrrbuF39sMugGDzTAc1sYiQxMJxY3Jb0AnVwh-eUG7aIGFHxBDpPtwsEd93i6g2NiDdQIvmFG7vu1g4D422LAzty-VwaDAWvq1yemHqMSvx6pkY0P2VbvlEuU2D6FoPI29zIabsOBKDid8SJax0CSo-_W9HICunt_zC_7ERezkOoMRhUVsT3xmTd8LUjzle1MbTSMqj3PRj6GRkhyjZztyVFAmra_5CGA9gSF7cAdXJ4p1hGOO9jH1aEx-AJ4KjIBqWwcOGO20xck1Ihjpe6YE2--hwbufJ77hA-8KbYJJXG1wYSFi7jzadPQz8-x_WTzSMb2O7xoh-fwwYwZSboO1Kei53cADqzVoXSGkkI9UurVRjxAEyIuRzhN25e_zn5-pjNFqZq9w2Glk8azGh_jNEdTmVj79wFnMZacgnUoDEB9Vjwpb5Q4qvmfruF9LW5vSXZhV0jDPVcEa6zr5eScDkS2jXrb3zKLNCcGOQbToCd57WhBjaVjTMDw60aUacFG-x97RMg4FxAAHSnE-nW3VXPTzQoiTnFuCHcXzn0uZnvxediHBXg3R1dyaLhgtMWt6UCmeq0JxOUGUtvx3_LThJvm6e4w8LBBVA1Dmr7HJh93b1YuGW-p32eng5tZxOsO4A8l_MnxVfMWDNekQSrLEkEL1KmI_jxexG5qU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  69. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  70. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  71. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=_BRfQ3QWY6YlI-q5dK9j_tSgyoImlAktMMdS1KnOBI8J_I8bAPHSm8c-RFPJQhIiH_E_rm7QkbuZw9UxeJRg-RZai4-nLchysooPSnYsKUmOsqYYYIJSPqZnGlMqfFGeikstW1HJ7sEuRdjRct5HHNpub97N1MRdOR0-nql48vZCQTDlPX4BwdF_NwSLyasYs1nzHUuH63GWryl5H6Vw4UdDv6FiI3p6nwFbOo6Ag8YB1aCLqdFhNeyGF3AV7aK-ARnn10aicaPNRrt9ntAPIkeCSLFTufbmkvLGx6--Vdk7MeoC_uNdQtqHhtm5tEB0bqL0dwTc6EsBxFR571SACrg9JGxbPfV1yMGlHYmGpnJRYiKwCxgfpdxYOycujQnYPek5e4JdjMoJGdWZfz0y1stSZKUFMxE10rnE7bRKqO6omZWPveWvu9F_5220_4t6X69UZtQEVWguvDR1CF7ArG1ZUxogNhOZJS2BjH1l1AaTRQgyujxEippPJ6XA6GUvSEgo1nYDSm7NMGiKeg5OolzWZgOO1zJLcKAjMysDN92fE9LGcB4QuaEHZ5TWxb3KcZ0u2aOehUTFVAvULqWiqQDz5AclG-baFvmdL12HVVPpCE_3HVSECKOWasTC2Llid9pDfRf25anoIMit03Vp5xn58MW4F2NJTTNcKyVWDTC6UgfMNQUTsIw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  72. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  73. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  74. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=vGDCV9ULvk0ObX64NyNDFFraWIv36gpXU5Od-52WrzLpcvFo43lRTPnH4ZM2LA7PyyTXKNfqd4Olws07UEYMe9Rpax-uMmpJT8efz13aeiJ0cAjQkV-3KGJsZm-lFIbhwmHD8PUEPbZZwdWn9rgy8KdUuSTZ-1228vyoH_Zz9wa5VCZeCHC8xMB7UPR8B_mLQr7GJt8cI3-7z2y2_XztjuIGiiT5Pt8CY7Ll7Pytoos5DnunUjC77JF7V-uHrUpLh5OsSnGVGhqERhd4W6ga0YGDwq5x6Z2T2eLW1Sa1Aaqqk35z42e7R8AL_kqiUu1oCwKGgBrRBXH5gUGXnXlkj80Gia7LshCBHFZMOhZAZBL9aqKgP2S56cA3W4d_tvuJ10Tv6z3CvIix-p9eIs6XvtZ32FU9sNCsMxvt5KiKQyIDoWAW5avdEafXF_vWvTI062nvhOkmQ8ATA-jalDFHt3fJhiRkfOAUBMds7i2-WLgRzAkHA81YsiV98-G5zFFvImW1-YkXOfBd3J14s7crwquP4TEMkl202QqyV9-vU_OxE18kYLuuF3hj35R1AWU6BWJnn3qlu_7GvmN2xQeOqFbT0bqIJJBiUwYSUb6CusMzfgmdeWDli0E8vKWpzTrfmTTAHIYA6uBORP4cQiNBskb4zOEsolbM-3upg215b5kV9rmnvDmW08A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  75. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  76. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  77. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=fh6X420PI9L9uVBImOahLmkTaWvV6BW24dsmy-V0JAyaMXVnjkurjqmuDeUixtTRHDER7OvNLYPahRDY6hX0y_p3yNTjCW4Bc9AO6L6iokjL0vBE94P3DYx112bfqrbGfeAFBf9eNusYgT2mPH0oe351rkj0qGWayoMBfLplcvM3AEIjfSifS4SbE9nf8Uaw11TmW6QLgSm-rF39Vd6UD5hz0AVVB-JIzh05ZXfbPrmc_T9cvRny2ehMzkpv3V-AS7Wi1HvzePNSpE8VHiQxUd2CBK-BfHbdJDalI0JwI-4UMaJBd6ZeRRg3pj3nvvFZBrOW8gLesaenoAzDZJw9RX50u_DkMmSbBUGVfT2zsQvBLfTKba5TGiraBLRPbDYAVKVdgkrwMuJigJfH3lX_EPJGXgoPCl4hn5Oy6HtC3_JnG56ADB-2NYmzme5wePjfENTl32lc_UaYkvRBTG586EGj68xkJnN7xUOLzQB6wgfxv4J6dRJtyQkl-KoX3aESXbRC6R5TtLoFcilKs2hzPzeoDjnJeIUgNh_lSjC7QV16_aYvFCNSelgMudDPhhu2h3ze-NIC5rKfAvvWLrTKHyqkqmsCE95RCQLSOJ33LY_d1Z4iNOykE6WDYigiUXVgJCWbO-MPqBvDGxwWFg470pXHdQ2PXydNNNeVRJiKheI-3JzlbPmvN9U=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  78. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  79. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  80. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=EG5qlAfvhNyGalcgZRXhEob6fydxFrXqe7JfqfMa_iJiD2C0CW4YgpYvyg4CfOurwTkroRfrkZ_WB5C9ICuBqH1L6GC9ngicS--VQ3zaIda5qJWueuwDMHxRoWlhoEyhkQxyxvdF9teA56yNR3dcegpnkOiIvkUzz6n-8sOgHH53cqcWmypLp1eGbXfDjXGk5zYDFHPaW2uL48DvB9e2l9ONCKrn60Ind_Yjb3ApVepExDmQzVmhnMsO4ffOXh4yx-nmg22pAEyAOuEL2q08wOw3Hjh3oAaCIq3A23K04tzjnYjgOydhFpHubkwoGZprGDYfy0-G1E6ThMAFr_I_CGkkHkXjsNMeyVm9kGEqy79VvGXSjgO8z6KRFzAef7D2Z4JBhmVkQhPvw-TNMR644uejv4a9YDcklswmxONcO0pA0_JOYXmXaWoe5_XdtcmDoRt46HCIb2MGxl82WCJeJ4pgAOkTYmLveBU7WR8uYtDmBAs-R0TmiU1NuJpoh88JADRROh5JaGksog92Y0BmeDBXZ4U5Bwv0hMBHZ2l2qP5A9nN5q-k0eZGmOs8ujgBoyNvSTbP8P1a8iAZ5sHwKkPDKTqrBcWDsuCvL1JRg7M97bMzojme6-FjCRujv-MHUAKPXFmxoATP7sJF-DE6HGKayD9yZS-e34Bqt_tLT6yU0wJTQrOWeCr4=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  81. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  82. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  83. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=ppWI51dy7J0nMk-bgxHtMQlfvv2KD9GVMDPcrOzFgtS4o4-G4jsn2HMfSG026qXq4ZL7gHXgmzOUWpHC7Akrhe35msNS3w1OhRxCnonw0b6DFNAX3aui07UVizaq70hG_i7uDt4OPfRvwXXkT3o7wqFHxlA9HfoLrI-Gdua6WzuH6HOHTYqYGv3eljqD3_XmFSfsT-vKM6fqALc8Ja5Bjr739ATWl5FRjoBbvRqaEyS_Uq8utt9xD2aACHZtD3ZINPU2Jb9sxGm-k6VrColvlDsOt32DJBuCbrbLCB79_7Q1fYaBpz2lROtIq4TiuTlt1p_S5nvXiHsuU755XRZ5Weqb1QYxpuU_Bwe7Nwcny9GyuezOVQ4Bk0gS3UFqRD4jXqe_plC7vJYLl3nFbTNi1lm5TVsGF8iZNo5KJDyuoBKJcSnQeYdhvWx6ttuDo9b8DbEJvwnrt6tOWiIEAlkIDViuHtqB8s6LaSgiTqlW2yVtChnXCV2oM-xY6nFgga-aPP948YgANPUhvhNeBcBHw-ZEoWmaqPm4XvbAwHU-KjwyALWgCAACH3pyjRgjaQthpi44xQtUKu4q6VaLJGmlde56S8yylUEMMOSwj0rPNyIjpQ9fCDJtfFPAUtc_kr1LFHqQmf7lb8fwEnX0xwrJ_5fBPcL5vuMpgpUDAsxupVgWYq4CBkqLlEQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  84. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  85. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  86. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=fczBRzWjOro7sHTEepJpU6dWcdOoScu54RWzizcUUI-1n4vgsO7rmROb2_lsMXjwCGGZDTh0c0FLYZCAbxtxqv-5oAxgkf06yyjQUGUMGX2je9FFoLYI7rd1cUUKVdLkEIQ64HgnThYvZJQxO_Jf8plULobdxbIg6JZHiutH-Llh31FPycaw7hJG8wK2GM6OHrpo66Ft-xr6QZboUm4vYW6RqFk45Ha1JGgBNEwptcWN0ii7rhyUPNS-KSLkLvTwG4r9QLXRimBQvC1oY0TOC9N55_KNZVwCgF7-1wzUoJlRQOMoAZD6mt6FpPfbqJl2gc2Tj-b2uc1VSV49utMh4bXGC01e1SvFAMxwWIHCwI6SOj2Mmt2ekzejqA3HbEMx5Bo9r6QcO2mOpTg25RqRdmxN2Ohvxq17BUebTDqYOJu0x2Q1XhRHACuICplUWyxB3XA5f--Ch-MnhUBrloG_CCDBMn1-tmVIylgfIO6hISCFrKmCdrqFkzTkvRiQ70wK1gBXhq4UAZTwXcsW31xCSIIkRFxoCCnUb3ypW1R7beZlfqixUkkwaADQEINiB9ZBpky3yJTh4kzZUO7jdhzZJHeRSm77MDxIwQ9J4-fd1gEiOXx9fK_NddrLi1pykgGA_1dfJapJhmAmBdq7_Quu5ziFhcoZmfE-REPbynBSc9uRh_13IuzT9to=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  87. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  88. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  89. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=DFzPxBF7RFHEmtshsB4Cb5mImHsqc5J-rf-oNPHz5HsrO_OmH53J1HZbCGxwrWvtOc4pZH7EBp7TKnF0rJGbiW47gvT-CzPbWhdEOvrrNz4ORn-_hN4XsrV0cCJCfInOW6Lmu239R-rqgCZ0FhhB7e2ZdTJ-rTTPdBWgAkXYBvBJ-qk0mCztWJ0S7gcn3KrSlqGZDryzK0gVbDPhicS0Dymmnv3dYbaFSk8_dAuJRW5yIYrt0jjAKJtV0JYjMwx_XXM_S63axGrwpj3SMRmmb32nXmAREnp7-BvU0vHoKg1DfBLbokIQvcwSbXQJK565DfFJBIeL2AxqJPOKuzUPYJeTjH-EkH_cgXMN3GDHJ9azV2sIu5VA-mmABcdn8PF6WfSjUIWqJs_OsNOlOTb5AGXfn7bX-Vdg2nViwNOTFw4NJ1JohGNOpeIH-AP53PZ1IBQUjlyoa2srq8bTCXIxYqvONRD3TaNYPlw69DEQzDgKnOpsnDwbrimlZ0jgcIMLiVigzntVU0GEXvmGnh0JIPzlewe8WoYSfRJiK6FfOheEbqdYDgmN0nahEIU45JUG8D8ddNmHak9-WQicYd2om2RoWH5jFm--AAInEUI8bzxvQN4Dyp1uNvT4hJzXXnII3efGfb24HKi2ah9W-XOjDJyrlJb_wvzqJYJj-VnJd4N0M28KCcAmqOA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  90. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  91. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  92. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=A9KzFKDozg9YeMzfYH1CoOObA2X6RdNBIU9iB9e-26DCNjCR-OzchIJHgxG0F6ysN6v4SppSgwmRkMCxN7zQT0wvMfJqrauYKY0GDiOQ3-uH1Scx9ixeGLxKrDoUQaXdBlu26q_O7chuK799Ja-dChP6HMIrEyw4EQ-nQFC9OaKHkPgpk7Bf4USxD2nsmWJhrNllgqkrHEr1hZXdc6cVdhsGO4RynDWTlaBSG7u54XgvU5qKMHFcMv6tRUbtfemsr6pANhdOM5VRNvdUeYfizr7NoyJoj64x9mV-Mm12TI32fMS4a5KXdDS73MmsBklFxkapZfNVTms2a8sprirjr5_TiwliVWaPJY996xMQKGSuXCEOym67ZQ8BsJt87_I_gq7BvT29AzYA-AHQTo3f1Sd2jdc5gvBRPmZlsBPyp2mDo3NbwjiVlop3EHGMxN0TDL5t7Q5k-Z4Sihyd-r68tGlRUqxKOJLkpzamm3phGB5N3XlMNM8TlIUTd4aFlVqqTMY_UwOQzidU2OjDh-iM3_7a0CGCiT-0dA0NtbPo--ZKIw-BHMafXHrrR54sra-2JPAyhHw3S5hkg0xCNnxPH06hCe9yvK_Ehd3UDrgOd5jiHYEg25vvllJD2GfgNLBQj4mJw9OMrackjuZ0_2RIMCuDASIITdjpztEM8D-_UYcrY0toj51Xk8c=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  93. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  94. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  95. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=ekTXoJjbSf3-umhgaIjHRPrym72sahAYtrpvH7AUczhtnIEl2KRogxn_RsrSbNGLztzmBJgCsXs5hN57iRxFh81phVSmsUDHEj0b-WzJ576taqY1GGVrAV6Csaf_w6xYuvEflxbTizRI31SVsIlbkP5CyIEM0ed6SrOfRNDwhwlOiSG4czfeCc5WnQSxdrx4Y_TbW7-ZBiao44abpHwYYlk-9__PdBe2A7an73PJavHYleGkZHhNM_uDxBFX8Yt8E2OsyM3Ti7-mrBDiMtmagN-1s3Oyb8PXBK7aW4lRi7KV9T9Be69qx60nP4YKfNbQ1w6C1ZQWj_50Nwiiq6raBwTiMOSO4rDutwUGHqA6AO2YjPRs3s-9LomjPBqe_hch9mrDUourUpdRemjtBYzit9xUuPZrdLctFGPG6kdjoaYxUTntWZLdfRaGHEiaUGboGz4wFMh_Z10cgTmNL4b36282z7DvVF5rPuT5jtMkwwzQxKEEXysS3JIQarCpNImT29i3KMGrgB3q9nvmMP0_Kgs4tKMsN-xY1-HHxatZtt1Tdk996Q6JYuQAAK1s5hqiNMFzLL2cWIIVcLX74bvwKwoFCI6WIWmDxVoeymRGmiTMtQ93aAPTLRp532OJxqQlSHTKq7n9qZL6AX_h5PCmd5vgffP7W2WllDGxGn6gGshhAAqSsn9-t40=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  96. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  97. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  98. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=f5mFFc5rDWkhko34FNt2MhIguUlAC2k7NEHgc9zrou45A2O5C3d1TA7KrqkQovhUZqPsbjK4RCXZ2yu5o-AyfrZp5rYfJXZExK5fm4ol53FB_6iPWgjkpxK40qciJiyHlvVEv9vallp8yPOF25LmbhAfK8fvFBh3HPNpIMPuuf-tTLX4wi_TT2LsEh4qcbGIGZwKeIfajg2PUYpq_ZV7-f2-1OotuSYmPmbhBFCGTYVTJHQYY2yWD6Y5vc9ytvIyHtx7TAqViSKH0ZhDwbwn6m9QU51Nx9gqSqGaqZle3P5lmn4FH7daoSk27VrZYxjnho6E3sROzyA392vj9boiKEgNhkkYTQZVq2alD-H1pId3XDhynsa0dlv9c4KcVY8LV8GNi2623-WZOwBWQ1mTYq41xss0ien17TiFy_rZ5zWxlZqVeipovvPtiejFKXj6MbR1BuKarrcA5QGuSe0NI6puzuhHizZszklg8r5Wv4U-_pZIfIjtz65-uzGVd0RJG5tNRhDjfqqR7hJg4tiCtOmhNtyhEoiRrK-E4WgAeMnJf_taj0JTi8RWuHcEx0xuVvXKZqY07NEF2dfOKOaciCqbiJ3Zh-scOor95J9mMRGuHtw4oD5MUvbkmNSCDclG6LPBD0N_NyItB4BCRwOaWDz4iYpvuJgBzs-LyjAVwdSoRbXkZAjn3as=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  99. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  100. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  101. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=rWJysGnqQ2LQsajLiWelR0k0uVLLhscIbvuoBG7D29vdsSVXa3NgmIzB1HLllZvWcxV2APibBKuXU5ui9pGgTn2l1r0eb5vvWjr9fIvBeIEWNnyB2MQ3fQyd5LbNRYuMyOwTW_Zr1Z3CfYy3Ueoqp18zzH5PDhEJC5R-HZ38SxMPEl-8W3ZDdq3fMeRPMC0Ohjwz7vHS1U9Fsl5PDSjIFDLc-IKe6hHMUTvefQNeuVWep8xeoJ_nyq7WBnzM1tOFdKrEdykT3rzFZetQDyNMwtx9ZXEGf06PlpX1IcnkYMpZAiQF_UNkPutl_tnS4ate09cNh-mXlcf0D-ENn2UV6GttNnJl8sWXutuCMhApRDZUkZ0Hpn8prWVjZ-LRHmgvE8W2ZllYorgLLUs__-3qD45Xlk7z6sbRucmwmdLBbQ7VNEXX-sp8FfyzZphFTRIkV-8v0hRwkfvmF-p3_mkrCEUnmi1uX0_fuuSY5wuxu29x0Rg3WRqcwKYvZNLbzZLHbvVouUTfMYBi2tCKgTzsVvKpjFPNpU5B5H2rW2GT3yAxpsrj8iU7kx60M5a8UvpFvRyNHrtG-JMPR-NRzAz_Ed5V0sUVV9R5y0ej4gp8DTtEXGYkwbFqGfQHFTDLqRax3WPIJbBgdc-REHJi-6dzW2KZ7559rpNux39AClFTFfo2drKz2KoR2XM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  102. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  103. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  104. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=3r0kcZX5XOt2R_--y9alwMvcU84tWiJMZqTxzPaZxB89YgJ2reir6vz0psvnnU_r71skbtnsf8prKOoVD-1zzmFZ8PXLnpwoeD-C-vR5mWWh6DJmb7y0WRz0ZZ2_sBAKtB-gXqHmvE1NG07d4_ETBDpIqQ66CWWEfgKJ2cdAuHnfQFO0vPdKqpgrhyB10bftA7T33YqlyRv_rxBAAnZbATJ6DmKwR8P3kQ5BTnAWmAbBFNOvkZ6Jggf6zZ1CIqQjgFs51mPZHyVW8pibYbxP05VHh52Yt9V-OLl08H2d7dUM51LE9vE9_CgZ4Y_7wJcFKwHAv7kl8vMStqGutAJLM4lTsfq-yCbItVe5FWb5oMVb23zM9WZlK1qdcae3ayHwi3gKOtOYRRWtpGH552551QQ3mTzQADlDTBj8D2bd-f4T3yhLiVd6IVx9_wuAgeZpjMGxr9Ra4Hyd6v8pU_IwI87P6Loh9_NNC1dSY1QMASwt6IhpopxzWQywd0qoPg3_G3b0ABzhQNJsmARy_N47fOxkjyuNXtGCl9A-Pc8Fy0OxbZy6KoCaERa4xnFItLsFrDwXvCtaWCWgQF0AHucZTGDxhlaADsSNolDFosSf6X4t6h_Bgk3_zI6vI0ZjpMT9qapzWKt82xm-NwUGoZ5o77JL-0eeM9jtaGfmoVHWYVcsozcbJUrEoro=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  105. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  106. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  107. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=cgXKXm8NhMME4Dy46vuzXxB-ExWDeVtQD1Lmlkg8qJ2aHNcdqgdtrsZLMAlhqerDbnekiwd1uMvI5poaMQWK7WiiVhdGfHm8QCY7aYyfjJY9gNZgcf4KY7eZqpXQL4ZFJZBYK9n20Lko0gc_9faWvaKee07JNFF_lXEjP-WAcKV4S9qQnDvLc6nsZCe42Ybs4p8seHQXMwdol5v1jwckYYy5_3aT0CNSZQM82hlR1oRJVh2HIKkjPQAeadsxms6FbKxM4QHIYoRhjoxaHs5fkn7OP_HZb1ubW2f72tOrNmeGYrf7bjq3ZoJclhOTI_iSolfQc8HTUlJsuNRYYzdAaXzotMycAn3QZAJQTN-4N-ceq0kzxVUP0TDptSnVNtPBG3850gr8H4cDfsE9w5pwasIdUz0mujFsn9eOaPQfLTxR0Kx7_kRrYjeaxi6Z1L_eavLB9GtRg5LowZxOd-Cec5Io3fMHx9i88WM_ZS65qyGSNreTrMnsA7FgfkNIAMhgkkePyl3JSAb-O86Dz3ojfzl0NI4H1nXDIESQ7AwltTlIk8JUYbobX4KMRXlLgHPMPqnmBmSRxTfxcG1Rfs3WfFURd75dWhBgeMkkMi9Q_sT8OIzqmBPrAV9qP0HwBP3CM9zirBu930p62WbWlbn_q0ZtGISopIdLxPMv1Llq7LOdC8wTlBfcZlU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  108. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  109. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  110. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=oD1zGnDAS9sOPmkvOQjPI1HXyWoNPrB0cQQWJ0-mjVS1b4K9pIeGudLDxJvSTL7G_UgB-hJlp8u0ace-Jv5FWYSOVhysXQxVbdaVUgJ8sTmqRpBuBz__k77Kn9sr6kbsjLvXyGum5jYSxpAPSBqSRTP7epHvZhwpds01oMwGoA6V4ukQoIvUXuWZNAuB_0l4aJgF3DM9WJKegpfJpwZ9kYEM-puJjjSEsylx9I07d7g3bayRCAtwP-d9vWgR5N6weEa8n3Ej6I9k6RHo25MnGgHYZCAS8OSbe27xnbiNPxN_oD4g--M8grOZb6nq01x2nQpg8r6kClnLbzOcL16LO38sLewzbBvAKGz1w7j6Bod6j0Kuu08yQ0AKJ-G8mCISYzSoFOKs9m4SybmN-k3dnvODsg6CQBjwNIPIUyYd_sfZsN7rTfbp0mPn50Yhzb764JUht4c3eba8xOrrFYmC9at5kFWsXSG9Y5qk0lcopWxH1ulCIF1Oh7WBdp4YMETrjb1l1A95KU3u1JPsV69GkFa-TUZRU5Ls0PCUsskU8v_EEHHTL3jM0I9Xk3jXE-qePNN3iYtD1DPwdrlYCe8-mti_QP08vBlKyfh0zF429IR9MGLxLuCLCZgVVFfQCjXEPROCPb3F2wXVs2HAnYWffSff1iVSLT3MsVdhLbBI5r9XkYx8BglKFnk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  111. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  112. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  113. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=XqCA2_U0eruhPJS4lsCbOiQrRocJKms89JzyHRN-RkeK3F70UKCb-Fz6WZOn2ThbOghjSOwMzdhqLD4P5SvFBWXeAAWG_kxoqskvqvnd4P6KXX03Nto16jHD17bJY3shAaakWtCCA0haKsUPRXOu3zNhvDbQPWNBMdWzhe0DD2xbE5GYAR1QPZshDOxTdIEIhmxBQPWAlrGhSFc5wZkBrfmC5iy23JfEYgyZRxV1_k446tOfZ2jy5QlzuMdem5qLpNdaFj1uB-8yQl_wW-MeRLsnXQwbuUqdWvOl1uexQuwHpQHXTN-Iumyf3vQN_J0v-k4fdJVI79PgfqwSHs4XF2oy8opfHqFslldX41x1IhY1lJrKa8RgYAYxPIqWghhtT1y8FlwszIf5gQoQrVwVkdmx83g9tq7nlVpQkrFqM_CDmNQbbE2iNi3Qdj1qNv71n2GN-zFx3DkUp47d0VzI59oLAyx36qU66oX5W2RJ09tPzZ-10CRslddmAIo4h-Npjw6REWy456Sr2dve0RVxxMOloG9VLf4dtXI1ysJelx9tehw0ngNnn61hCuAM8yOEc5BxYKklYjvXwGOzSHxBQdPfVYjy9nCZs6JWP8ZGKju2Pv1VA8hdgjKAzXnGnU17aFVnIF--mROqO4YAZlyWrovSPlVuMGqNWHCGy1CwcLV3V6P2NrX31aU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  114. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  115. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  116. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=tszonR7bERTovoebvLy5SdsJpiHzwRSYcUCwyV0QA-IaEtI9yPDGhQy8k0YvtPbPAnrIn9IpCtXVCXFyrQEayXqhOb_PTnWRA8O8MxwrZfvUnf8-IQfwB0-tLlmBY0hqmusZk8dTYVKPuzFDzL4f9OBXQd3h4qwhrf-ShDwgdZ3eb-1iCrmwQOnKOZI5_xIiPQuXNUXD3rqlSHP7hVlwi0rH12K9obROxBRUMShklHfgE112IdvbmalHK24lcSKrYzPyw7NTemeBFvhbX3MXCl8RbNid15N_jQ_6Z3AHghEAUZfaHlVNy52aQNj1fhPwk_m2-Cizu4NJRyN-61zfyJCnUArChtj6fL1IXH-INg9OuqwgHs-3VQRzrfNZ_VG0klnF6iAtb6-BxdP83X5HgwHlH88jvdEhr_VvZjllBAtbPV9-cdJM11N5TVp5WmUTClX5NV472M8Q4IaJNjXo9W-1GCbejBRvWfw3fi7eUemMmCkGLzmRBAeId5TmlsLrQeblo1zNuM3l0BJ6RhKFcPsKcCpX74whjN1JeHEJKCgUAObOOGo1oO9GptJ7Sj6chHMnfJnEjG4hFWvrLpvx_QUPr1JSzdpzSAA6oElHlEBzNa38U_hb_CWaNi9xLZQXJzf-XlTdsefqgH5viPZj1Rsp4yQSsiavkJ6d_bmhoH8mOXNvhupTWoE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  117. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  118. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  119. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=khv8dIaFc8VrEMskoiOICHHtJA8fLi7b2d0-_2a0OneRZvW1JiOXvq6XT59sM-DkDWhsKxGnvlDVs1bVTp9vRhj0QfEgujvBetRK2Wxq08wGGuJ2-gOhUI24KzjcTE1sMLb5RZbE2d443Y7cKIh63KXMuSjgXUMs1ay5LGTxuhVrW8Tj4VPGAYZRkfETWIVqsKdVNVxnxEHbkrUqt5i0la43wAEu0K8_1QJC9zHE3KXaqFwrOqo2xBVU0fPFA8jNYJHhk6s95xiV61eWDdHnk2QSLMB8Fydh8na7OMfbvcr_41qMcVJPOS-Qj2IpCCoLgkO4AGvLOrTGlKvpMNSneF_GHpeFaWinRoBmL1VuRPOS44xbCJHSzcPhOm7Kw8G3SVaRzBrHCj-xS06xUzoaD-iHc16NwPR6p6HIVNcFu6CRJizsCn4ehKcEPP15ppuktUxfKtVb8Fy5SW6MPSrfNPXbhzIvyURRzSblXBtHw8kiFc_40usWjT_omwVMSFus6crQWiFMvJ2ieLZr1KiYJXdHadwbST1EJqRVqXM2Khr10f8e_VWDVoG1ZBkiEGjDVK2U0D8Fw7aJB0j59HGbq--HrEz930ntNk-y-iCG-OOx1W5hk8ux_3sz1AcxL4V7pgTTFc5fRRAQnQQSel24NQ_T63x2s7UqyeNaypHdv0D3yuox6TVNfT8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  120. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  121. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  122. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=nkpRW5YA8c7fLg-B797i_KldWMHhJn3mdf6-dYQIpSjWjc_7gHoy7btmZL6_Zfw_HPChNagq-yOWDntaPACb2SfyxMNYRj6Dm7-qNPIefaq9hH6vY7dDPziTRECtWH-B0Mec31a7WA7RW_fxAg5EEG7I43bvzvl2ryHco-Mf53PDWF00Wi14i3vd76UeRpHf-u7j8ltXCjxOboEyEb-TIIxhGqsnW5p42lzaL23v3H5WjB8HxBHwmg08FBq2Qt3q8jZGUI5JBkQT9ECU_JKwFZbz1JgpPAufrVf7QwTG5umFv1nRiq2wMxsGi-vLp_jWDYRynXbvcelVt9XUhrUT0fq0_NC_df9EdiKx3PulSkGj7_WnRg_nrzuJZqqUiXzwvEq5o5bMztMmo2MU2lV6EkCZejHRPOMtrUfPnRcVcogbh3dtbIC54wUFeAffRher1C3p-S_Vqll5H09pVBqTeIKpzymPG4yazeA0gJXOAebSgUCUc7rFccT85nESwHrW7x1wAF8dyc35KA4-jswkuvJfvTK-HmagoqJm30BA82lNMJ7G3tDTsLUS4Eh206Os2AiKkxXZdd6pD5wDRHnjYh4R0U6gL_swGsbUWE7YThzUADkcRNOxas0vwel5NvbeTdY40VC81VYZ0tXhFzTTOxZJd6tpGhxtMmIab_fnEgKoSpBsgvXTfUM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  123. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  124. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  125. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=BfKeEEA6wWl_t2dP31lSue3EoLmDQSf1khm6J5kMVxlWD39dsrJ20qoYmDGEmoPUr7bC4w5U69pWZXXUaFwAeouIdVKjOysultqOmlvLuqQV_QdZuTWAp0KKRueLDUK6FdsS6Saen6iD_SNhzkiKKbhGqSHfwcZLiSdi66YkQeQgKzCG2fkYwsXVHMNTftPleCVlKv8yv9u6slwz2MGLPYS6w8YQIXpVZK34exYliWkC3QGNkI3L5jeUL5DEGDev6FonPvfK4DrCDZE9QPTO602aTJQFBEl94dxHM1f5GY3sYUHY5Y9jW8UZ7u3uWO93r0uVbPQGYDqd7MRr7CT9NvkIGjaSoNoqkLOLB80DZJNQWQjeqFKMK1Hz2Dc3OkFSHs4t8a6Fa4qCD4dwO6G3x407iiOh7XCscLfV7u_8FnbEP3Faw5mwVS0yZ5TgxR0RupfXLTQgbwdagoM4tI0Znn4d39Iusf8aT3pzIkXSVe8fCEiNaKGzRxkezRmvG1r7Wzn46a-T4FdVigHPIqYsFgJpZSinD3IPX0-1AQcisE9ZGAfZCI1XIkjigFN_vL-TSjAL7VcST0kexq1hp2y4dHnrrUMLHWXk3Qq5owBJyMk8pNc78px9eBvHwyRLmR7LAjlbcbgT07fem01UZv9I3d_KRizpXIdNK3ilyX2PHdvFmLT5a4f108w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  126. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  127. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  128. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=zEdsKWwg7bvrhdowR67G7Z1TJplZRWEw8lNV42eKJen_c_5hNVc8KNt2wkv6hmSEvjG0t9c-YLehbI3nCOBZOuU47Q_SOyZNC__jAcBSq2O8yf8DMLEZG2LxAh4nlT90oDivZMyX6RJZVe5IXPpVrzZGiV-7RDjSnSVMEjW37ipKC2L3ldpOCrJGwFvnT6wbwXLEEcFhcx5tEmiOaRdzDXQdIMF1R6zOfdfIqRA8xaUBkPvKQBld6He_gl_0a4AiCkZjnH57ljsFqYp4RJo7tDZ-XHy0SNMgQAmACG5Ea8G7liaZb_zo4UUlNRvBCs8e7YFcVBfLLRoVnw8vL03khKti8iqgSDFlG3It3kPcZ_N4Jps00PSLca29BC0DxG_9Fv2a5GyDGRWm5q7tZS3nb4Xc_EimqBCTMuWFUB0uiYLHafkvPQV1La6u5dQ8JVnDdG0tld2JBh_0z4s_IYdTK6777Q-BimKVi2q_i0CH_SIBA_lsQg9B1fs5068X0X2hwRjem6uqTxiV_rR8bj4gQDZWpl8MGYX_Xdgdykj1kU5wuHE2tw4ePpooiJ0YknC0MELFYMa2dXwLJbtqUsJCp1x8NKO8Lp665OP-H57ynZH4a5F_wl9CWGdUEHxpuDkiBmGJJoKru3zv1arnG4B-4sg9028qbCszhZA1ohILylxZFPt3vvTl2wk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  129. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  130. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  131. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=gQBnacnnN-pU0faoZ3YxafRT6YTioH8UMXY-peaBAd9X5AAXP4q7owWGXZ5yua0dNUtwWAKZKlAYnyZd5SooUUUnW9KhI-buB8G9Hb8FyfxPdsBnfzWXNDf3mqVuUMKHlpqnEqcKhlNxJMrG66uyrrMPc265WagV1EUchRrp7bPzPv8p0BzixQkK_X1yFPcKP_R8tCMV3_AmJ5x2YfLnEs2pOSF1MNnLWwxAyCzoy2Q_QE6X5uLtxJHo9qyKuMOnkAQHEevZTog1kPs0qfD8RWb5xLkSiFlSt110MH_0NNixsB1YR-GcLVdZbWIewNn1lOHA5_o6GMLBbennAbIO1kLM2oFV9XvCz9I6O4I_oLLclGTOXLzzeEBRmoVHH5KZPq5_P_MOaNM7miOzkQWUZ7DlW3p4zwon4Yiq6dOUtcxYy-dFLWjR0RtTufvLt48jirrnSexqh0z705oNiA8SJqC7nWyRDk5bkNz81ll-_2ftoSJtj7n7-ZMDCcWMvPG9QTgHqS9qiagcJy5l59yYLKrcwAJegek2UD62L3B2fmG7zGhVHMdVtqGh7-eAWEtzM6K30YnFS3W3q5QDZhiDxYUEXTnDdEUQJiEXY921lq0Erc60O3_FoXqh7DHqpCGrGpznrLTXcE_EQKEMep60bOvBWiU8D714A-YzIT6-V32bktT41yjzRNk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  132. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  133. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  134. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=Wg0OsmY8pPM10j47yVekPuUIJR1AJ7LgnN7FZmN4SLz3bR9qYNdhoRZh3kJPcVNfofaX6_YvzjdPt2g2RCxbvS-fjrjjXuGSKi5gE2MieGsNzFcQLiruup86j5qD0vi4Vm5Wq3y_4VY2G8N9ceUM1kxldZF24obAtxFM462vekAkZsletzFarogIxAKoiUAJclHJxoN_AwWbIPouFU9IQsDle5KXesBBCLQjXv2xMc4hQs2G06Zr5cJtNwbSJqXV1f1q9zjStJGsLxSEdzyOMT0HNFutpPBMcYWHJ7WUk05m61COzVNXV9pZC54KvU5TatHfz4NI5xCJENWnZXhHuT0yG5nbH5-3368W952cgjZXa2rm4x2zRSLsW3FREXnY2I0eIh-TlTTMQJKJVbpFDiooC0DVAHjjdqnYVIEgA3Objcuj1mSJ2ll8pSAnfnST4ceJAOKEBxiTBh6N61SB9QenmA2yOiAi52fzIFF95yGDTVtYzQflKrm_eK0S7Sl13uhjRMPmImwToSoUbE-xN-Xmpn26YtGy4HAIE_2jQuDvKz03TKQaXUTFQhmH8KPFWCxJfnavf-R9SyoQ2lJKuWA98E4WxKkqTdlbMZvC3FdgtcVn8oEAoy6x522iVByrx6WKtZqwQqXKU1gUFtO6i0JNHuB5yFghvCvxo6FxzSMaMu1l5d9_hQM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  135. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  136. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  137. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=X2lU1dhqp7mJEXf_dQBXgiRkWvnlaJ2Hoq4stmzqemz2dV0tk-P_V_s9q1XOMD-SfaarVRz6k1ROWvIciLvqsis_sWzTCDxPfpP1BSHGeQ4k5-RPoY2un_C-ZJcc4b4hkA9mG7oVCS3Y_FnfHkjiG9CCdyTTjb2hnLRl0Mu6R-mSPAADsIkfIm1IgqwPsdKQItDDt9k9hDkgsI9g7RNbauBy_CyHl9jc2gTtYsN8kgWMPZnVW41RlhJNcctvWvM9PenKAPAqqoZmL0bBNJYO1ZIKJca8svNNArLGF0POq2iwWqvcPv68Ls-D7fC4k8E2-7jIVIutehvnlKxpu8oKFi6hJuyl97Tpsk1XAveq-jBrJtClBMKg9dqbsU2ie6LLPuUNXVroNJm1xLH0ejRKQAG6W2uaqUMy9yOXItzwiS6SyGvYP_GrM0LUWdPrsefDo1HVKxKHQwW4YHZi1mMFHY5N_VWnJjKkNtwZRzOhp1Cxj27OfRJhFF0TYuMCmOF1taOEDboYVEqk4J-KsKQAShIXsGM8sBAlwlM6R3ZxMikg09jL3QUqcy9FuLpvud_cmhS4GeMvu7uflmDGDInQIfWlHX046_mcLLncVSx4alFvwfr0MdpDi24aAeKusmlAcB2nShF0RLnJTdttzXX7Y0-1LIIUuDkxefZ1hXFegbJ3HfJvbrB0CLA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  138. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  139. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  140. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=JdgC7Nl53Ov9DaW3CVPi5ExjEqpctmOMynsbDhB-IuszqRMvx5gIJEIL49E7Wd0IlE_o0bh9chDORtw2EbiB1y1bz3EYeNDfGtflCP5Q0tDNHn7ZbIatQz1fNe7uICeCGiJ9NM2vGcDggNwoLwFqRsbJf_EcCdgMiCkkCt1IDjujG1Ku_78N1r6EkGySWYIQvTpuhusoaUIUVTGtfRY_uNgmCUZmi7dJIp-fkdXBfTHbvbzMsA1YlSn1kb2l3S-Rklpus6m09ek7l6MBb_4qWAh4DXB40mY-F0l89Z3iuz47iE2JZ1hsh5NBkaWZNMnrVvFRKbO81TPCAgfcYUQE5S4JB2i23qVNwXzTYxSrzIrVy8kg3PUKU3NI4lQNHnJSS3HGJ-S26c74X2KdWnhzr8LbXf83-EYOH2nF-xRNYNeTEqxD9fHaXueVivr7hQbHHcKB2T5foVWPgEn7loh3M1WTpjrT8xbtcOeiZy-3XfolARFNoVDRfxprGTwnr70vFKroByIylInerzdmg8crzvcTCFIB6fE7eYveuGXTYBK2SUnAnwbC9x3rSbY0Aw-MIdX3jCY9-ihcLRzVQdktRVvW34saDG5QlktTzjqoIpAvrn5mPs5Qjuec-BOSe1oqROwS_665qf_VLkhU5_vSRI2GQm2IY3AWXXLe7Bwm-mcahlBio4cgj84=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  141. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  142. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  143. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=4jM__Y1mG-PghFqci_QN4Cq9q0wrv-pl49JmKwknFN3UApsCfgwSzDg7VOroImfscrySCTeRDc0kXL18LhYpufMCSvJpKTVErtzvfvFKtLb1Gw5jBxtjrkv9s85P7E6Vm9LabhbULw_UQkxB9jf5SIkHq35WQ1KgMODVegkgMH066VKBZrrlIcNyp39ilcK0Awszg3dU7kJzpyZT7R0jXhiTpRq7EZ8TkjOlAkjAoct6G3OloGSUI7LiY6N12x5HQxMVuSNrNYZipe3ypC3W0lgNUPYjhjoqD3QEncKfKYNgflQ5Ihz_Oq-85ClUHRRldqP06cVGWmjLHbGeJmiq0MECX-rQWM2SEYA15pUNp7y3horGSeU4tXe4yEeCnZqGZEjh5eNfy8mCkq9dznH5uGBBd-e-klYLZmkDijl3oQh82doz3q750kF8_kMFREiG8o1klNGJlJblDYIa546-flHrpHan7l13jyk-W-mNnDDGYmZSPEApgjDxONFm100SRuwkU2cGBk66DMAjtnqZhS6jMcBRbxzQETMZ_dmv3WdBmJrUPIswVgbbwB99g9Q6q8WvgRLVXKApPmQsHt3MYsgd5-gIwIqTr2AEIbRIg41ZBgKWu2nvB3XJusGj5jyfX7zkE80zUKNdXy8PDA8TedsQHjTuUuU6yrxAuuf0WpKM3rLy5qGyCso=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  144. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  145. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  146. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=utZPFbaI8b-RTExNoULgIuBIlMXaxYuk_l3WWVVVm4qFvtDbfj312gQiSTDAKGoEZdCKMRc-zcyfAeYVm57X2prGrMPESkwQ5Wkhzzo_wdnqoClO0rNejK97okeQqT1SoXdLQhryDF05gd4f-OOontiYkSrHdGnyFmMxvmZzjq20l1u80ZoYFvD7JltTRtzw3OKxG_pG3ubkafvlCmm_Fw1VtouLKxu_v3nYHEA8K3AwAjBA7N16x0r8UeIbLT7Vafw6GRZHUi5ymVDz01Ja4Pv2hCOMNOd8WuY5_4n42vNdI_TFLVX6bLn7jw-aVlhHiMKUxsUj6LyUqQW7hUrUxWj29xWjL33tJ9fLqgP-l46VUXKV6LewdQ7YxpaxCozCquDsHd465g9VH-IA4FF1lainoSfi3Cid2tqz9cZxggyflp__8o5yVuX0ro-GNe4h3NNcCJVgNXo39iEkn7-fDQR0-wWsrj4KwpDB4peVXiqvX9ann43gsgdPLLEoN6LGmXXbfQMHuKGIfE8zmRFKbE6kCFyLRQ1Y6PACrUy-3_UjQPtGpCz3rtZ4X0PqZBxF1Y6Ts0YnOmBM2wFL5j82l2FEx149I6nVL9_gqMchH5vI7mFKCNF9juRHQgsF6rpriU1hewKZwHqzKpmLTE--rgDXmtKdt2jQ5MdUTj9UyuIi3_VrxmJ-dNU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  147. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  148. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  149. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=YB7GUzSEX-jv2Tgb-UM6EiMScqhDTSOXcye8hp3pQuvEhyTpTBOJ3lqnflGQMAYMfZClBi6KcVxs78jcXQehconWSwGya-He2Ao8mdoXSfVfar27fnTmkAOFyBCwakamIrWntqTNvrDlGf574q59Zf5zORqVRWddN5jwKOkfKxIaNm0AmDnwtak0AcvpfP78cjdmYlT6TU8T4oxsGV6u5T7-sedNz9CB8omGuzmeEyDjkA4PhS7TaqoLGwyElmWEA5EpOGYHUo0BExgf5RHJirdG4P3Cr69ELlWVkHAUJDQe72v7kmuQrjbAeEbDraJ_hXna_3DZC6-RRz_B3jQAINrojycL1OSitq4ajBvi0CpEF3Y1XhvEcxV7DyI7ujopVsC0wuZ1-bxeHsvOKbnqj8I2akmdN0m23psy9KmZVlWc-PwC9OWBljRtCrgXkZN5Vd5SZFJ4wnuFuOHLxdR2BWvxnbUrEKE6voOnh4XMc928H-itCVXdxPCD4Jkxwlrn_AYDY37l2VmwS5ZpNGO8vGzg0nMiaocVUuH7lw-LxGt9lr4P3QyvyIy6c382AoBBvjTcNhXf0ZPB4_RoMlIEzb4oQL42zJuDGUvgtEF9ghelsJyILpXKfxtuqXk6vOZmNMm3LWRfnfMabTuQmGiY1Fa0SDHwvcmGz7xm3WBkG0GrjatOBpwX5ak=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  150. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  151. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  152. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=8i0agx8C7eF-Vj2qqofc1CU68ZRGFhEpWtJ7AfquqeIgPFJhN7SSb48IYCJldvifbK0wl3XSCMgVw8focG3vNn93ghm7sDRQRllDtmVdSwKuzfkC_deyVMTdls01GuhbIcVfB3ZRHat41_WqLrjCamBjwrVYf146-IWz9T9UY4HZU8qipvgdlGM8w4EkQckRKYQoCnEOR8xD-PjB6VPzjTABRpz664T392PmteSoxZyfhuhHqmHn2Vhws1J2htNE3fhA5GKi97SHUgpDajCTkvnea0lw7u033i1IpptD5FyrS1NlKkSIUdJIzRCf9x5NOlviHQfQIOnYn3PKhg6kemPMs5yB8Glagz8FCBuLe75TlVTqD-HRRU8vpwr265nv1R6RWwDqkSppgYFZRTFcBo3onVUzDvBPEfrSCqzbAZt-jIirkfcJaiWWwMZ7WpvpMq3-8jbNLQxc2YGILk786IW7yNHd-haQShlizTyEPO2OwrA7ne-m5X6OrNbZkRpP9Ezhr8Gh1EElvkUPbSPT1ldWbYHncs2riaLbAZcGH9vRJZyNNKkG4IW9nB-BvdcB6_Hz3XyMcWx0oZCVTzimUJfLdtVb_XjVhx80CduXMGtNxBfwgRRPwS2tHQ7myDyr4t1iXW1o-3_EfaXeEwavb-nufEsHNztR-vZuhwV5-_sDdQW160ojFCQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  153. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  154. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  155. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=oLuyTS2kvPhCUYJfT1RfDRY6CIe6ONj0mv334kMqurlyBLByLne-_mlaN7e1mEYCqlLwY6OXDnzvka1mqXh86NOO2qPnrep4tEmMDwcVnayt-PpIcpNJJXqnPxzuqUNBSdL4PSEgGzyzHyEApw6ko7d3Sg7VumaG4bm-WS7YTqfxLAIn57Sg6V4Jx6CbGDLs2OYAqu01TV0VcThavRTmDhwxRaIFVsES3NhXhqYvM9TQRsNz9fY8vddKtiMGWtqY2iSXas3CIOnouIeKWn8lccMZrdi-FkZcusS-VMkVon5KMCuUTjCnQktCxP6h298-ME2TRhAZ11I4L4Hep9DtzE4M2Mpu5DkBb1C3UkCbILPREWw4NBODzKqAVP8bsj_kj1IG_QMdPLnRdyYfGEEj6ZpOPOqUgtxQh47X0LKDjiPJL4w1j2yx829Dk9gRguZJ2xovB6G0RtV1zfW8ZGqYuKzIF0JFEWjD_RukpJVQCaIi9xTHANFTBuhwKdMWiIE_nfikyiA8440WIW_BI9tvXyDZAWDqWWY4_nY4s7TGjYTy6Fa7jVfwn3XS2SqEZFAujo8K4hSuNmFFuZboiYy_zlHtD6WjGPWtrJSgy9D4zkOhwPCGhamHCrQ5DNGjbMD_Wv8xHbQtTd_KOIvGfzYeh6-kPhBaWHM4zZiHptvs-ZSw4TmRnWelNwU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  156. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  157. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  158. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=2WTagKyMqru81qXyjnK3mx5EIaDn5YAPRZhrdOlCYY0UbnSic3fscRJLsLyY09cSSwqrKe-kbSU2D317d_wPXzKa1m42a3-bBW-2_g9lEKIT57r582Bzn1vE_cAy3xo1uPE2nLCAZeg4UGeihYOWKZFi4G665Bio29IybM2K0bfVV7gZOXI6iMH4fOLeP0AToZYaM8164OyHzpcv5kMWaAOrE9dVstaV68_XpimtUFSSFr0GhWo0ysx3YCf9AJ6jlwyNsELxlvhSoxWdrFBWOUevXISYXex8DzeAHzHzpPsgpw743cNgmKg1eqDOdmSTQmvIrNhphWcCHtW_JA4NRurKbDl32xlbj342wE6U_UUUDAhM-L6S_kGAi0Pcn7B5US8U9udQGrnHrrq4C0T66XDMsNaDN8pC6aipHqpKexeV12CJicqHgZNr4AO4JbG0BIM4SGJ5RZb6MqWa3KKCIPDwz5nBEDpbiUHWATFLN5gbRDA8MWcO8Wkx2ULdBcshIsCsC_lvOkNMbqetddvLhvfVVgKsfyr8m6W1k0Pwg956gA0WS5zxxFaUC86Exm_PNOJ-r6Oa8g5CzcWIqYKHKYj8B6u5WjdDxnd8wMU2SjVHLjc7h1pSnxnVP3n6dLLl1DTpAxENxUoLuNa_ZbLCQzWlyLjXRmmjfUwYJV8gppsO1H2wCYe16vc=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  159. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  160. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  161. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=QG3iGgE4XbT8OpcGPFPsA5-W-gVv2eOWlkejG28GvlhxBZK7g7kTbBEJ9dU0tklh82ilSvgVGzpp-8yG6cUD-wYhnX7MaKC9XRGRZL7sMCs6mDWSoudMOIwoZOCgxnCpDM6UoOQsI1ecm-_2P8OXWv-s5unk6SI-LYYtVRIDk9tit4ptCss4-aO-fZMq6JE3JjkWxnzASteO93vi6F2Zn2zEotAnKF6OV9Dq3X2nmC5414XHz9NtMLDrpwovRjHJ8xkJ4PzZheGe4LEstgqM4P2Od_PvG3BUFs8iAdWItyYp_INh1U2_VFez4K04vv1F-EnEA8X0v4iWek-aM9LwI4ikrmDG-gO7Wj-g24HjSjAS0WmWgcBf9ndICLrZwbFPc0Stv95OTq7u1aD93KiL5RkYQPSk_3wust5FdWz2Y_92wWwMNxQHrL6-LG30OFk3w4XfR3FmijymasUFY2oJFFFwsfF-xA_MzHRUhb1-Ij3DNXIxGyeQI3VgpPOq0WQRDmiqhuYPJQcwmcIANqDCM6QVZbNIp7D3BPe0lpmQKojGHoLcT-KwWljvMJWAWkHEkdEe4AQlxh0WOrTRYZNSGcFiq_tUvCpj0L6kYEKbZI3UiF4BQ4ZwQCXUScVZ65XPmyK-mxNgp-kzcXfC0hAO9pNmg4bHeYDC_ZHbXnpvXJBGZkTyuFe3VQQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  162. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  163. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  164. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=2I4h7wxkYwREcZoYEb3hx8eS3jCIN6EDKCh---UWG2LKdvaWbznKIrgsIIQljfI1R23mwU_0jFI_7-_l6o9Z-GdfXISVcW91zSoxPVO58GvL7-ZCUWvyhuLsTJi2_SmVd5JU3QvwYJFbqQwA2zD7ZjnwlB-X0rPta8GbXapbmnkZXnPSedoNVDVlv8HvzN0Erk-PTbeYFdJcs_JjJiKqNI-n11raYfNClMBChsGujboyHSjey3MyW_LmdhYa9ra-vqp6DZBysYZcP02oUjgHNA9dCr00pKF9xXznBlKccn_kp8-AvDvw-new2lfU9QEWmZY1gOJ93aBJDJ9VBZesuvwvW4fCDTriIngPfvl3_XWg_l_sIhKk_0mXqmXfBXeHiS7WwpCKUV9WK6YwiX5KiuCh_7QpNaRoqwQVhUMgn8bl5LzFNosnIRzeOnThXsbr4hHZxD_NDjd2AWDXGdcITE4ZFfRReLWAiAKDdOBIXYpaP060UGbuZMKlfzd9Zy1rdU-6DBV3VAyscZgB-f1OCvTtuzpv4HhUhNeg9OTK54Vz-kOa_14pPoK-nqo887mFODiDNDfiXujFyUvWphqjMeZPXk5i6T7eb-zqg6lbnxJ2dUbYy5Bl8erTHsRfVYaOsdZuR1E185NsFPXkUzzW9zSzKPkVHL30pPxYejVa11UA6O7zJgT0ZHY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  165. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  166. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  167. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=ruT_buQAd_xQx08Auh53ZHYOdFcFhQTGXH_43eaMPwU5l7AKbQ3VhCdR9HZv4EkvHlxj_yB8A_L51speIMNNN_Ml9ezx3kDlr7LXRZn_KsIOMX0hbCjK2vB2z6cN9h76WgD3eJcGIzBRKPXmmAq7nqf8S-6bb79ECKfdvGRnAvQCIJ5OUj95UEpJDQ2IiNyqOI0pupNlzSh1WCTTVHlNs9QEIefUPvylsoypu8CL9L9O_GJm-BNyh6sQsZx2MVqJ9SH0PixPyx88yZ28AnNJypwPybtidN_iDM9LijaIc_gZiitDafPfaDnbINRDqL4uH8jqKD93MgC7Vb7w3kCD5zkJjNrq6E-cPbNzaVKETy0pYC2OkQPYzTzg-qBCOQPyLnU1--Q--f9nt3hN6RjMfT1D0qhvWXcwxIuxUvcLrQmkBMOUOtV_R4NRTu87jXmYgGCaeiPhlm16RVCAQa_25whvxdMbPa8yHisv2cEIiWi7aVsHpm4O_wvNDwuS5pl_J1nFGpu0Hd3Q6DJP1kpiHnOp4jKTj0gooVK6F-q2HnYlTjPhuaHJ3dC5-Zh8dIeNLqQY1q5SxoeeG3yT0--nCUpYLsWcREtccMZ0UBI1BqOllg59CIQokq6aqVrpfXUNXApE9beT4BJJhZUK33uP1ugALRzmjspANAoJufGhvc46HYH3XDWgM90=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  168. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  169. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  170. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Tfj7EwXQgViX7dZbvIW5K3hDrqPuXE_6gewXS2-9b7qNFOdjb_WIjmncEOjYrdksLc2hIUNPvjv2TgwQI2qDg4aL0itFmXhIKBRtSLtmSlru7pM9A5pSP5wRIYd2XIe6aINkf7lC42KS_tOsM4VJUiFaMztCnR5V2qO7czDIf4zpUhrKr9QhSrSmijVeUEz8X1ObWeFyprUCbRckGKJDaUak2Eni9LrUPu2Kg2S8sAWgo6-BHFIKgyZtLfG6yuSG4bR8axF3f5jZM6EhNqt07mKK4JT2rzT5k8On0CQVLq2FTAS8guixRFsbJ6goTeXRmyhVa-jByhPwPdtKUuUefsSXZIVkIg_dxXvSceJy3yMoBzqG-lPT_vh4UN9AGC-e8Lkt1arkhgWNSvYG4YPS8ghht1JVb2knIWmLi5Lm2k_hdczUH_IwVGFj6fjH0WfTE-ZA97GwZ1B2aNqNshognyFSIv8OoOkOWm6ApfpRpG2wfZR-dMZ7Csh7EAl3gHVnrgpjWU1gHy_fI61PmY5KEszCNAtkkz6V24cXgXhZzb6kwhbSZ5RiZoTLHrmjnefdEhsxUZyi5czZUqNJ4jmcNFYaIHfcDd_fLXLjST1tUyvQQjjnP3rEy3adak-v1JWkbpho288hWpe1dcjvJv5iaKRHnzEA_gtqAQhDuefvluMrYhwPJdu_M-A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  171. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  172. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  173. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Jx7qY2nfXNkdq6TOlK6rxnQuNx19HZjZCEyPRqKv55P9QYpIhzpH17gNn03Y1BW6hPHW92gKFFfUTaQ_0xjkPEodcr96hyTkr_B7SzQZVVPUqUiDGqeBfq30pw2G7Hw5hoEMN92-oyFyTXs8lPsqPT6SUgzxoxYsdZJYQpyexp_uB6x60qJaVE3lFgTsNaJInFiMdesjtes1d4W8tjksPMh4ksqygZjz5A-Dsue8BJeuYilvXS8PHEWm5xG1scG2oAyOlTY3U2-XIzNbKuYiu_EcsWnWvMaZGqOrhB6JuWY4FCwksrBXp_LiuIxYQP6DIVZxjqpJtcER54PDskLp_YfTEEaFpFgzSKtvDpgVovT4qRBFCZcqYpQFh8C6R_wsmulmJJEYFmuYGe2rkwyhVZb28Ko3ZDhqxbLnVeLRx2hGJi9Uc5NGrezS9KvmgH1ZCo6slNahYcSrRrv-9HktKzo8P_sNzobfh9ZLT6ua-ntBM4af6Ruep8hIcWFSAzhtqF-TgrwNA6A-3wGEaTdXl7oL4D9TADjRpe0M-XRPVaDBNbXVZMBr9c4gR98Q2c1NUgcbcW55Y7U0IJMV4AzP7aCpl3KyESgpE3ER27I19iSo_cMnOdWDaX945U59fJX14ekWyebz5OY9uu-Jm68B9ssBKh0EsiznqHk8AiGTBzp0RU_E3oS4QTs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  174. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  175. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  176. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QMTtJuawx8QuiZH_qxlrtb4gWqihRlRWxcYFOZBBX-WIidixRo_O--2wPBohTpSgesJw84cziZr5KZhP2KBHRxpIVNPrKqU6XOjjcF-JauEmPy-0qD0uM5yygB5y5xAx53w2114DGKz69JsK874M9zPL-IAiP1nVz95HJnESRO66fOzJgHRT25a8UJHR37rhC69lfjvcwb7jDtj7SyAItoEsJpPqAonw_dBDXqCEiA3odTDSIvvA_Z6MqwR8I37PRfASWWzoK8pYI9_BZDvMUrhpHEGmd0LBxFrLBIdHzC4i9eTuOPkkR3539VCNZRQhwWDDuYCn6LJv2kwETVfye3gc9_qedlGc7VQDGAJEznxQFkMwaSbLiYC9ylaMTBQjXh9Cv3fOW2L7oDGHiSQ8cFZf4aZA7W31L5g9KZ-bqRYcuQ2pLDv-ydLIaH8_lDud88lK4sMsFTHXD8ZDKczljdoZXEasqtrW48yER21LEDbCCTbfDljDw449WZiYG31ua2atNlaINuCkRBCLuS3rOIjzgAhwxissl5SYbdooa39zuDpq-8maVf5GJlwdNvPQHNCj7M2e_UoGt-ZAl9t7_S-vjYUyyqKhHm9iGPkdKo4-e0JDSDT9NgQPpr9x8nBXTcKVeZxLlCf6iqbo8_ANSoKCPgyO4ZL5_myxICmRQ4v5z7Iw4jw3_nk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  177. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  178. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  179. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=pVTJEPk2bOfMLZ3OmT5sUVOjJqK_56cTzkxkqjv3bSTUnBuKo52du3SOCFEPB7H0UwMiCovBw00kGrE-tMlRwnOuL8EFoE_f5DStoR4W9qzM2aYwIe2BXDQ9jzHp180FVYOyps6n0CcUbq5jPZqPWLPng4rB8hxQdfqwHJ61DTFc06xIn3Lt7glCiAzXDsNmteP5LtKQ0LhqMJbfq0SkdIeRR9X4A5mioTlVvcDohUUUV1gNKMUvho3bVGc83LH40xZ9l1gmkzqf-h7EFL4dum7Vy3cy4lrDyxBgRu07wPrN5TWBpqjD_wn3G-6xB-ClSk6IwHuLsA-s8hqGJAMcr8tj3pFT9B1SyMC35U1N1mND7r-qrsxZINV0LwN2svNWwiSAUYUqM5BfFC5iU-7lD7vTPq1gyIn-fB2zccQJIV3qc5zp-zvrDEkjDzyo-4w5PYpmELoLiIzUEY-YL01Okri62f2YSa3tjUTUYbDoPnqFdqPOGRez2nXzlj64L-sqf05IqZFiWj8ocRlOlsz6UiQeluf4NZ3UnJGsoE_eeqoF2QjCUNIoUBxGtJC0Pi_YVmwlEzVg1FtBzSFf_YdHkfmgXnIcK5gTx64B9vq85CWz7MFVFzIpJ73SlU6rQhjr1OxEFdZvyKteUK8F84h6Kc-s_MWOyJPDXS5aSHzHHlU-ePsGd7Ona_s=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  180. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  181. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  182. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=KDso1Nce5HNti0T53QCYpiFKfrqI8GZ78RSkDormJ3oknOd_cPLzVrd44X8gfgYKUA88zkbiPBJS9z49vqeVTkbzwzvJQD92_AL44xRaeAaVQnITJH5y4GKUGUPFsP0ioYAetCCQrjuy-JlehZZCodjHvhFAFqqP7SX70HAX0xdF_Oap_pG6YvxCYHxWzYblTfJdSXO6CAO7u8c7N3h62vVSjevpIMaJ0So48slS4-1nJMeXldxFx_Z_2Miqn7FvRzge3lPsjv9_idfPu60_k1XZY5RjKx62URCqkqUwIMaq5Ay-Z035jcoZKWh2Iru7CnneEbRtecCqhJp90w3FnvLcBXNpnhlTcIPH-_9cOt7DhVwrH3IpHeTndzFdUI7VJ4_SgVmGSHUsPQJkoovNB7Kl9GOwSfdiERUtLJbV7YV8ZJZRub0RzwNRomIe8dkkherCctJyQuFksYC96J_aHbFQy680muFuu-tm8GuGOq7c82xFQlTR7tiUi82JHXQJklYRcLcc7J0iJje0pRGlx5nJcUmjK4jVOTGNDSIcIkbh2lbMsJuB4ybImE6SGXHGQpQUFDPc0peFzkSwRckjikJyJZ8sPRAQgxEogd53klG81tHWV22Y5B-FQ88g6uD6PHlkjvE-tGfnVA32Mkoic58sYI_5PAlB8n-cfEClGNMyblACsirBGL0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  183. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  184. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  185. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QUecyKf3fFpn3n_23df-ihP8TUBNVdx53jUuC-BJUkMWQRzFn43OoyrdJvUMNKjMQKllo7-VAlkeNnc0j_CuUasMeNYR0aaVscukBQqnT7jyduUfL_qH4sDBan-_zlxK4yDPG8SCO5sim7yU-bV9oREu1dyjW8DffBY2eVNtIy6FsOONyhBKnwtQd0e0EeIYxbejjClM5TAGf47z47tRTftmLHZn75lu01uZwfLqOuu4ErSyqd5U6o6L2ABlINpFxqv4EV_Qe_CR9BIhlLPIepqeLr6EeLhWBlvtkF-AkaTfRc2q-tXC3sMYC5ngttUE2nuo421dNdmFlkaH5QxAzIVu_3SNxIXJZ5-rh1ngol9hp3OgLigyeVy2Wu7Sapvh-_4k3v1hd1dl5DAO2Kz5C7d-pcbscL-22SAXbrwaSgulaKh0wO33O44P_eVE7E8tZX357MVrIBZu_H61gHL_4TmeSbdZqLbDSQLcXkI30KHlBuPw72l2k8lhPTY8jm0E7gzH4wK2SbyFb3CmRhhF__ew0M1FSwUTV2nNRyruQsigqPR1ty83uHxRDeIdQWpNbrVFeEcqIEV77qfSvVDNysbr4ARaQ1KIrDe8bBWzII71FBa-MZhuOGyL6SQA0PQmhM2xfQC63giUGynXCxJ-cN1P6_vllCS2UQxhbvBIL9pNFbC9PHJ_utY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  186. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  187. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  188. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=GEDDGkkusLEUSZzR8MC_9VMMYvrEunl-Pd8ezsiJki2h3KchmvXzJNNpRrJgKVk0fJWaKHJcOuMiYkpUgREdYgoz1uPVsNyuJTyYAYJkmeFSPUnnjrfWDS7It_5yyeunCYFS43G8WEm37gfz6EmIn0c9Lk8Htm2evXu73g6hCmCFJuOTlNB1U9WFpEUbOWwDBkEa4P9_5gjdwXVYaUbN5sRX31UZ5qn3-8LWjCFGl0E8iWqxZDPF2EyZdLVXStFLK_B2SfNb_Xj0dr2CCvsCgczPI60J_RZuUcHBAzQxlU-EEhEw-bSSmrWUruwV-mint_DX3YYZBLNhE_hCs4vm8rkW-7mXtCTjySGCd9YYYRDu1DooAw8kiMdT9R22kChBS5fHMGG_fQwGElqSk8vh-UeDkgBEZC9jVaR6m7oF-vnBSD0v2im-zPLUk22knRxYlh-_4oeCiuHD9S-zKQX22UvN1SUDXpJEe6WCl0AZCQ8mH498ybe7wsYyHhgB3wIDV_CrErYTXphKcvVGs2WohiFV_vIhypB8MnR0xgie9M55hgaHI5dvny978L8a6ISgpO0HW2AzSLEH7ot922YTM9NSHCBkDQotc7iHt3yvaIQqXzLf9RTs5SI_KvpJfdRYCHSUx-IlBc9-yUz9P1dfhfCQgoAk024veLxZEPm37T9GU-3Rd46v2go=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  189. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  190. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  191. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=k6w6k5Mp9v467ICUHPoci-OT0rXVr08LeHZWIWHJT0kZTi1gs_mJRKPLIOtjerB7_FwwEyN9ywGT59xuO8vElIJBh6VEpOhWmUhRtpe6cPr8QpICa7mbqOygOnWECxiIRk3NnMP7Zyj1ZO_SrNJZZ5_Giz8ywvfYNVyKBsMkR1k8dyiS0isOR5Sz_Dj-hcKdFSmbtLoxpriShmbFMiWe5e4iXwhL0f8AeVPEeugcEqzp5kSYVyGdYVELJNEkccpTIaPaGhtHxzyUN9AzIwUIXekAno8DYtpkAzMWEs_Noqlwn4KEWEPNEsympcGGF6WFHWtVLUxeTOgQl0LdIGFvu05tJNOHjuFwXHmmHVvoJgwkn31FzTLAKViCqAJz4OI_pJk8DNBMXWHft2QoWI6IWt3f98xQCWEBBPayDJaEiv8hNRqqoc5ij7in4ZgJ7wwUjy3NoLdOcLCuIcygT_fXljFL4CEiCEwpNk5JjMk5Xj1obcYsnNypbnkf7xcQLXj3GkWYb_UudpCzweNT8-TLTPvKPxLZ-k10F4Z9wlVNYULRxyQDTiCvo8hkoiuFktXjjd0UXsTT4lL9Aojf6k5ZTSLe0pskVxVKVGpCXxXEYJn_GuiMRWcOWMhNZcCvIo1etoS1NXUGn3f2_PE9tqdGO0_UjEtVFbfOGtol2YCmAkzauqG2RB8T9rw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  192. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  193. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  194. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=2vtIqzUrrm8c2IFsOkLOhjLdVHyGjkZr0NK5ZvnA0RNdJdxtsTvLw9EKnv9JDQUOxhfK17Lu3_WCRwaMd_a_hYJNj69E8iWZP_ahYaGcGOIodFNVCmI55FWK9ii9rMsuVvvyLutvfQuvNTVq7jGId5PGTm8K65HpDVu_a9m3_ojhrqVf8XdnJ9TqhEiv6giSt6KQc0b8qcubh5yLo1ZQy8mPgKZk8faZHPMbYYhNPRJQBxUe6h2oRAlehNJ6ckzuNlbs2Q0DBGBv8GGt9FH16dWWi3tSCy2vQyKs2LLRVYbYys1mb5jUJUGxwDJ1kVsOakKKUkuFsOLFhdja7CbOoPp5wSSBdE67K0Id3HbCQEndYFc0x-JBon0DRAtdHGhFV2g9ht7oOHmhynNcASGE7J-qraJjaxIjwMFNo1A3tOFn-2UfleBn2Zv_IC6w_5ALCURTA_bFxeLKl5LwAwLNTN2tnLb8o64tmnNZSMsReLZEGQg6AQr49qFgp8y-Cin6B3lxt2txhyEf6i6qFQMiYLpCvtradrkBePmm7ikG-cjFaFmNid8Mdz9Nn7sbKgMR08w850_yGEXOMvMN27H6bb01YCACCHY-LuxXB16z8lh7BlkCx1Abf64xOXMgZPj1xC7Az3okrx83t0RXBT3pSBFIJdhjzIQ2UabAUseKuFG396TfQ6Rw3yw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  195. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  196. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  197. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=5l9gWDD26_1ZJFEpOrgHC-G2-C2JMHaziFhc03LHM_TlZ19yJ3yYsLexLqc6f0ayRVDa18gImraNRx7PKEkAXHnlJsx2VKDbij6cpJMN88jJkrbu5BN5UWbpnFrLMRXi8k0vpsG1YnfBygXZCZIV1N9WVJGzdrLm6Q8PV2LFY5tR87WOyy0V4nhofWwi13lktluXG0mzzWme2GlDtOIzbCOGGuSwtA5DRRkFtQaDGnB1TudD1IlMgVHGcetQlPCEjDbvaGoMlyHhw7nlW1pZyj5Txi7_L4-i1-0bXjJEbTQQ8EXDPC5MjQyfFfvZp8f8TtO9ZaZJUpoet0xXfPBLNnEVoPouHryZK_IGdlMSL8p8as_uiNpOi0VDiLxw_jAU3OPxUpujFGO9RUWW9jCoUqsB2eCMufq27XIFD7dvtGluVBTq34agaw14PjceTyzojBf_FQ0KPkClWCEEgZy2MXv-_EhUbtHoZxqEy6RPCe30yqBx-5wBC3SNF3np5kHjsUopdJdIxKg3YHfLtV86ws2WEwxYgDSobPSaEYaWssGVtB0nbWxn5Z7xxJAaI3KZT4tsS4BPGKCE_F8wU_A_yzFGpsSli8QeimJzlV8W6efXpDhNZQEtqqiY2vuCICW-uqabdZ_miUFuSA7zRJkx9NZ6-9fhfcPRNayQ8ipyWnj7WR1uwK2jqR8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  198. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  199. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  200. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=eCnreg4rS5VwfMx7T4NTK9deE2fl9RPs9Ox-fW9MOj0lGMtRcaT2cXSkNpCHHK82J4aOYgMNvYrezsixZc4jHdPlVdI2Kzwqx4Yxvf85lBKAZXmKiWRpDBLOkgD_cRu378C4xIh_qkW9eurrznZR5I1jsnWJOBqKlYDoR7ZWT8asClLrxmM13wAmgrKF7VH0y6DlOtm60JSdVa6-W9t9ZtYUW_eD4-9VF7i9xu_sINX7FVEVcd91-cA5tZXL2QX_62ZX-_OVSQVUEzO7tF2QDORitKummCEWC2WDuIxy3gmWpS0baUctqCibwX6JkSCrKeqRm349gto24_uAj1KfZ8xqbQxpiptTztTac4phinM7qUR7XgIoIu0HJ-gBZQQOVJWTSEQr4AiT5TOtIzKL3QNZlZYE9bwliUIinOADXvk_O3nhZbsff5dQtxsOQveexBt_up5dcQuluK0AxP85roXKAMWIs9YPDOB3W6Wt4mNkjIZWA69GqoWRlpUyJlp4Tf4b-bjfWbB1cLQz9LloeS1lD5nFQ1LROgJ08d_mtaCB4iLM5gVNevyO2oRktsFSwBLDu8quZiG7bt1uNCrZaakG1D_o3DpKz3mUGD4rcRSrSDKEsGP838ZvtEK2_-Jl68jCfPd6gS2tG81UmoU_J17Eu5hsjR3OZNOTybBQUFYZC64AhSMyG0A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  201. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  202. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  203. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=N0UYzhkd_MojaZ50YwDwqWpfN6iWTGDyUkqUkVUmcUt2mQseLyG41GiphNG_0APuHOfpWgjzzhIFN2ZayOXTsesc1s8DCfagH6rpkoRWrEOgPEF_AQ6wn7Nm0SGeXfg8rwEeLsgPj-WkPU3cVXbvmLFHVzlb-eoO-pCS2E03VGvCPOqbHE3N5L70J4c4hhvZZVgFvgn2nB439Ft9RfYku4ZiK1yvWgUKYn9abi48pK-cegQfxkSuKOGVk-yS4O8PYWkp_x-wefV7-_03KlZq7XePDpWNBRGVB1Ms-q11DQJYhXlpdbxv1zQ9jACcYJjUcHSTheL57NQywlqf-V5oS23iIJntMmgxu19LKla1wXsqhgjnEHUvcAlHm2k2eyCBuO3ySQ-1b1f-YN9ke8PKJSKszv-EZ3p2vI6fO7TnhFpGjSK3pZJXqHLDp6G87gNWQbo6fQX378lAEnP5wVifAM8zHUC8wfL6uhLMnu4X9WVPIAw2n6ox8nrGBKzNdjkDexAHiBdMGBHLNwsa-KxU3U9Hrr-53Bs8JdfDE2TLQY_5mHPnm1SJpR_VBpVb8TN7T6y_hFUrhUZZGtHVhokQU5wSuZC9hj7aI2gWGbOwUjcd30bpyJOz1feiwU8ZUWUW1JzW4rff8Ih3XlTn43Tl8zamwZ5T3zdAerz3YffgH5-1YJllaJ9C7A8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  204. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  205. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  206. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=ebLdySfNT2CnKqLr_Qa2DtmDrVitcozUmSJAVCsjdLwsXNyARr1ziZIp7YW8O6I6r2ujR0KC8pCjef95K0FqDzUd2plPxujoCgtfkiHgs3YMtHCyPV7ZxPDO6lJ-xQMrdGnkH14by-yQJrLgkI22ID3kDC6SouZsph82ctKMZaUifNKaTyftD81mMi5mpxKLCQ8-ZVyOss_dsjgNFcihSb_p0Mk61Zu0xCY2IFtORkEtnJKSL0HdB-Hn4_eM5u1QFpyvaQ9R0gZyAzMBMJzOGFA0rrKReBsnhMyGAlp5NEKMBNYTOSktJVROJpUwVhQZPWCU03Fu3CiX-sOvtlii7ev6UdtvnvY-WLjpGYVRGmYA1VJGhao9JUu2OvRMh3Mmx8pYi9oSJQFN1SzYPUMzWilXNuK-2ld5O5TBEcpUEcn92zXKjt_OsQq6JbQ5MF2TWYVOQAZZTo5BFhHmOfZfeuwdSysPeeE9GLxDtC8VSQSfs9gCvvTsbn6t_KRUfr7wjhjnAwQu3NnODL-fofoxlsNuBXzzmfWaJCJ3zt4EvNUIfPHUlW0QMzxVZxRW0kyDmROoF2yBLUZMXzs45z5h5ZBYIbomv2wVNHqTPiKtYxnNL7jZq0yPf2Uajzq4Mp0QSoZiBuZCJZTI7D_PJWeepDcJhLrdsFw3Vp0ImxhVIjVhHYupR-b_uHs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  207. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  208. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  209. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=Qn13FUDcexCwiDvulTiBS-hr5pjL_ujR3z6Oh6i0YvpPZ3lQwbxsrsrwFvONyyp4yYWfHXivoTCYocU56808ImMRpafnROcJcP-7p7k56X4_qiO8C5oEW_eQsaQEmAZu3PYxyFbLpbIKDLqGJ47EE8mA9uQwcfVgiqG89iYwIXen4bYkTu47n0LpnkMpyhODH80ycKCefH1RhaYodmcrMqyp7Es_A1Mfs1UQu0Fej96w1IgrPA2neYYukjwu8XlbyXyWO7Vvd17p1eCBc1L5jchOB83JQ7dNRk41pj1ncHpvmtOH4JZ1Pekx9Hg9t2-157g0-CkBlA4mIhus240C_TOfRifZ-buunuh9Ab23qZFixAXckegDC5I7kyIAIfOL2qxR80QbeiWT9DzBBVCnU_fjQhtkFQnxwjTpOmCwSjG0bwwDiI16moCaX7QPx4AVdTnJ9rjuMoNjvtFrFmJyKPpgYd1Fo4e78C6Y9gAdIsrhCZht2c4Kbro2w-Bz3l-aXRDEopAQevkk-SByohFvuQAllaJXM1ZJb6VRhQ8_cEaMH9-PBARl4s5Zx-tqHFuzEX_2uI3w4us7IjtwN-Dw0oIzm00dZcmTXzyXTHeEeFgHk-QbTFC5mqRjkZ9Wu_DuBpmXW8QoksIREdsHNvsjrKBB6MDuDRrXB2W6zdGl2O_HOTqILm6gerQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  210. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  211. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  212. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=vIDnP_xY7b1UYUnfJFiUP97LJ_vnEFHIwr3kK6fbGc3uYQFt0N66RQCrtj3R3Fo2OvSai5sCYL0DTwkv8sus1Oe8i6eYs2UPYPlyyYWD2aM69_5pc3OJJ5RFq9x5gwd2W5lGOgf9bYF621YB97EfmENkwkkysAa_5EYZdIhGB4mCrPuRLnM_-4v9xXke6d3IWv1IvJgvMAS9Y9OIQ3ygvqDBL6MlX1-nC-gSxXhtxQb2fgEaYxuP6C0P6ewg5TGYG4XzLC7YP-MjhXCTbMIvR-6hoaJCvvO9pZmTfho3d8q3G0UJGj5mmWQ0Uz8CfRLfUsb_hCsDPCuZnk_ZJ-9LTrEragCrV9l3_PvXMJDU_Ihv6CWaqZ6L_ePBqZEf2uircBmrUtkA-oDW_E5s3CD28gIiP4xLdvW7NAXZqNl6YNLR9nOu1p_Lh_IeGl47g4zGPLoa4O9TqnQTAIfXmNMqDokkG6pIf_x4DLcbp5Pk0v9hRYrJqCM_PHtZF_PHZmG-CRVoCfi90vz0re3C8xyYyuOpzxltvyRvDoDTLnCOJm99EgU_eC3OFQoriFkKHtiC6i1Jlk0tSjCTgA7SafOcAYY1i-3d7kR58sRBCy2SvviOLrEXW9_ZVbWRjaUtpxDofa4OOmyTPDlbf_9E-Cjs9_MC_M-Szf-AI6J--YHdeQMNsuLdV1mpKNU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  213. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  214. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  215. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=6VbHsCA45BoVSGWftLUGsihPT6-_2C1mqp5idCEeftQmADDvOjxySvrQPkEjoTWUY4pplwpV7PIpoZU9wtcAP4XLMfsmFmfeSpbwV8Tap6PGn7oK7Sgs6xAl8VZ_kM0riaKMQc1umnvbsBwkgW_6jCNAF1MoonBGU0bisvAAlMEIANJVkk0YV26uATYmb-pfYsSXUCGjsTj8VUAa-XsBodGOsR7RMZSdbZg9pquOpF4UAz1LzCZCk9WTwetdKlgEKwen8Q6foMIp1zfh1uoAu0IdJMPOb5KPuZyvpOZjRFzxWLm2KiBsGjV_c-qH-vaQLUpMjXWdqQuAxc2LL_AlLhoP1bZBGJFxjznxMu0o68xh-hT_JHKQZ51YgC9_NTACjEph3LgXpEmVYqjpgsjfWybt9c35BrVBv4IOzPCftgIvay1CZzOV3UorVqVuyLDzVgaUeGrc970hJ4_KEDehysAt7PzRjNat8dErnWRnDZxO0A2-IS6aO6uTwXJaaHEur81PcRYCfWXGC_VkzZwNQM9O2PxbCNJpCtDIYWgNkkrGR5YVCH6XLze3cgYMEZMbexvGfOCrAAmyze2ZIBY2LQqLMxieU8-IqpuZoAGwkAFULa-MyLRGgx-wV53Jf6RjDK893ATDHrmWdL9gUTOIiqbGptxavN9wu-jpf816i8DbzeQfoPmwT30=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  216. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  217. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  218. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=91mmc3o2hu1I8PRE1FU-_Do1hH657_rESoEednLSqDpQeSJrxokmAVDMjE6CWDI8SXJ8l3_g0q6NY6CNf-3B83pHCY2il8gAxoMV9h4wFGrOmhZcWIhyOIumi0Lfst8flvdN6SrT4dwtPyBrTjsAEdYNfKj9xwfOsrCtmP082IhK17a4APfZCxJMH9WKkUHFGZ2bKUeOVsujk6kNbw7qv4EBYRFMgfSHwTmYdBNdE13aP3RdnSpxVKuAKDOHP-JOWG1DtaQh4drJnUAdbs6lg8Cwxgwy2lNTZcJGlEak1uk0VP18Xm_V6Yhm7M4aIMgbVxXLgRrzwe8vfqkxaFKqZRaqduqL78Het2yggQX3jwm0NbERONxOroDem7F9CBRO1rlSEJUqtEoZKvO65H1QFjYz_9Er7BKTsPlNd3-14AC7IOcFlzFbNfBE_n9uS0kM5NIu2pIgwcTj-UFofeWD0NhgZb2MCZ2kuuDSQ5W_f0lw2RaDbYXI3YEP-SOBIsRyFBeqy67a56fE-hqvVKQqivd1c5WFZvSXq5qPx1Ysr6ICDIrGZk7owm86Fim_1AcVZ_v_exbwO3xNsvMGdimLjix77lWzvd6voRy9Ykq14CVJssH_-FoT_khvudm2O2jno6vDJQ-C-x2wJnRmL81I1ihWJQqWrR25E-8T_t5RWtJOBhSDxJ8RDD0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  219. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  220. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  221. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=mUbgnCDDHlwpxx_LsLhG08gH-d8ITkHo2JrasPKZ6veA4uGqpLEwy2hEZEfkeQzvtjuXIRr9G1TA9Ac5zEbyQ7RcGaYzFIPKay9tN7ABREaAbNskpjXpsiU3LUg-5CrfmwryRunoIW3vu5M5qo1ghgN4ATcPHMzMMfqH47hyxuWs9DwQab9dm2tG2cOknjUTyq2nLx-PD13zloBAQfD5-PvY-W1_R9J5x6CFK189uqBu-7SQs7SR2xaGaMeAMxURlFZ3LtgFAtkmKwavnDLt6IpGnY0xrEcZ9cG9YNn0vy-TZ88-rrQpp4cYHnVzFbusW-h-RI3SKlqMOMN0Ab-y3V1iwnPpbR6iN8LzMMavoO5nS-10VtXVgmNdVYwxBce23W8RPSpwxiuuLiNRvaUXMylUT6StnJBTjDWeG6CjCRcQG9ZvOLZw5nqo35fgAp5G4wpmkfe7LICnuwlkTJozddqMzhfwsmLx3Iaq8TUMHbIXfUg5ekzsDp8pd5A871WPjg5G60DTQGVakvNikTLzMjh083TvRwqiaw7tAlZFK1yJvtvPtA8ZMYwX9JmNzSmHLz13nR86YPmTpfgLyZSqYEZUk346T5OMKZy34qq1uXMG0om_AwgCwZt8Vns0VD1uWzkJrZguAveM9BSz4yUdkWK9v8jImUpXO6RrDatMyiVcsSsAU9GOiso=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  222. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  223. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  224. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=fjVEpnqxkOIJ7l_ZdZAUVXW5cab98TKJMAez1CNGlF6tf-01hY9KiCN96oN_6Nn4t8NkEn2WzHl5EBxKFcwmBOJU6mT8ocgmnC7PE1ddj-4yi1UGmQv4AafbKSPIcOLXrJC9wG3G_3lteGAmUToITzojDIVN835Lgldhtvtwqrg22RYzBpNCWBWddK0k72NE2yuxGZ-5G8ffGtciI6y4tgrwj0AzJQx8injjyaZSs9pl_o2m9yHrDpy_k3l_swHhSr3CUUHCr0MAP_XxQiQNsp9-7Bmy_w_tXzeDkbkWGInWALM_-DxVesnglobS_G2ClE16CtLglP_eqKN8NucdUBt8Jpq5Ju6YYdH-DEc-qTm5rtmYCez_THbYmdquy8x2KBZ-8JOUYcV8gKU4ET8iyQWY1lZ8Lgfyb7vqHm2XnITOxpohjclhsp4sqZqX9oVObtPY9NSnSAwOUsky0_CilHwT0ASpJv0pWCGMHeIyWAwgJi0V2CuQxVFjikRk8fxClrnQ6uIvqoKweYrLUVCu7PPt04IjQwtswQ6dweWP_Cj7e8NVPeYqDMrFT52bL6I26Yfzpr1xpamQwL2BsEFZGVgf8DzFlTNfyCywjzrQRKw7L_AivwgyFTeHK4ImcNe9MyOvOgJCRWVLdEgwJsnvPXn-yQ39ZkrQXQ2vxltwhypb0UkfvzgQrRw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  225. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  226. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  227. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=5YID-4SauU8VyKlGH5bY1cnmxm80KtLeR6C4dRe0Y0K8IBnizv4WKdhQZf5C7j_nd0Vb0SnWr24COzKxYPiv5MlYOFLD4kZAxp6rQCSSLGZOe31zim2SpGWxn0SnfLOA5iM67SeHqz6WpjiVzzPo0nM0ABI4Dc3_RdyKBAHRtJGPKtT4mX3z7TxP-bsQSBOpe4Ngm6rTL6pC5cus17qOEZEGImXKO2y4L0a61lrtL6uxK_h2XoorD4gItM-RN_fPNWceYLHm6grnORaxPHFtZLgzgyEdYmn8hLbNjumMMheV_cx4WIfP-nwi03FR22S5MTL3dUHO3Rdx2pLtEDOgRSKRz6SBKj-YVg_2kXRHXvmdvK5yanz-6XI3Iybik7rHhxdncC5QgMB602k7xiVBhfhbZuI73GUPWhMGibfIGyVX6qV0mj1YEMOR133BoYgBD27V392_s-wPUm-9iHiIDrXCOWG-8V-EHwdwqgkm-5Sdx1JAs90vWzimQdRQR1MKS5V4KRcMrx0d-iGQPDaBVf_yUUqj02hCnHXX5X9x66QS3SYX4n2trisfjKbO5Rp4reSqBkXbQhwJGvoeuuO7U-u0S9c5fFQz8ySiJwFU0K2jpx5uWYsUt_LdjbqJ0Nz1u3c_K2raweJ0eGBB4ELitMkK-kXsdfig6535M003Ni1UB652jAzqrqE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  228. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  229. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  230. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=gZdu6n_dzti7lExo3fvokYzUKZluIbxp0uZtLKeLqMWmo-0ngWW32RpKnEsPDMN4EuiqphSHpBe2Np3xPdQScac_ZuWEXVxna6QZJ5DRMkD7n_DpuYwpUS_ggdvJlF_PV5WsSbAzhVdkfBFSI9r5V7kzH2v8raFaAjo1iaP1EHg9VTkEuPkdlEwFN9Rj6m-PrhQPB7cA1cx6vz9xUgGRCTEiBNxhkQj37efP_6-ZWZRvxWWhTaQPAfrjLRn2xu0bAv9H2oNWfV_t55TmpqLjuToE98j5szoiCtj2L1pMjB_lm_JBopH1pIfSBiokr7fjAzLe0YTNPoT5_DDZo46e3LcIqECFDvS7sFUga5X8cWdRgm4-cKy2kLzVB8djhNbPHe66o0e1fzs82hpMxKJwCx39KBene6-8nYn9G5CSWeObxdJkjS77DAJViT4nGcaEFw7g1wt17gPAsC0tPnv8gaIpf6HCT1ZDgEHLWk97-JNWLJq7Oe7bBpjFIYrQqv2nAQ_4y0kdj-Dtaa4ZI_iSc4UQ4XBdlN_ziWPTJz8OSjUZniy1uMH6DF-zLrDBgVS0PPEz4sWPq2hrHeg3Uz0EqDo6ExcJv2IN50KlCJYZVYmlK7ZKWRZImVZN1Eh-_LgR4h9IAZ861HkSXJyi2qrfc4g1iVqmN7-iuUhsYsFQ6YIe7ju0jwVulaw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  231. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  232. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  233. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=OeBXw7A8Sn2DWxxn9v52xHy928y17qRSgw6gwK9NAi-XrOLrbVV4jGs-vTqb9R6G6lmtA59qUEPbMxZATkRVKY2DtA7bqv7CKTUQjUJ4uH7NHA9CQy4VGIY5qiEDKE1wlrNs0oMkKSnQOp80OEHFsiKrre7Upzrx3icTkuuCFa38j81IFhgJCqguh63OoyxJ3tPAW7MBRgYu08P0ES5o8CNJhlaXj_2FyytOKOhKBXJI5bd-MyzQI--80pJ_qEnNF2QF4789Qk2YBbbRB0HaYAeanrigMKMuBMCdBpm_OAyb4gXHI-nce0Pv9wukLEQHAJtFJY9bTDIczyBexuSOn8aqrWoC952tBpkTjJiApU-r9jl-lxQqEj6dzB-ECoY_7UDXARMRIhHrrA-dZ8t2sOFim3wH2l9vzjzWs34S6BiHjxGlFIcRjhk69Ov2FKVSKl8z65zvMk8Do-wd5LSVgsF2HRoK830xnITbRRu6gW_0urWyf0PKUGaHPg_u_y5nE0qKvu3AIRESy-juQ6cHtgS2kf7Y5h3ZTkyqz7e5KXtNSR8vE90_xeqIyma8khSBxsnE3ueyf373hhCpgN7NXB2khMPzIb98GjIlV36WT1Vmhk8jRjlZGH312Kc3YJzSYsZcGgmQzAHBAOpWJMidPaLrIFjMrgiP204HjjVQKZiqb-yaK1U6uS0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  234. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  235. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  236. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=ESszcBASHx9NBhEE1UthM2n2yjaTpDFXsJizXIapJwOK6ZlLPGhM20O_NpkyLYJsDscz_shZR92Et8fCoQSbmr7r62ije7y6o3E5tIF0T6MjHk84kNdfNSzWizvO1mtzH2WpYWYYfQphurpR1PN3MO1hH08iJU8MFvb4iu3bYmEwBQ0900otAxikwPVE2NlBNMrJ_9GoNybH1w-lBouZBpjZGaF9kb9Z-TIcfmkesN9Zd_LkHQZarqJjACgW1X1Z-MieJ80iwYOPghova96GECaFBPBvJrsuczGlA_RtenyAkbqO0K-_Txlo-jl2tSOTwy2DUz_94HOkn67w_Xp5BJq3wjOmSfYo6LGkRylugKIm-EEjePaxDj_JMovTnOQC8vNqxObis7ljnUULP9TLfp0xWditwqzWBU0uBxzONz_TCoDnbuZWvAEoVQxet3Xl5_doBngrKxXFtY_BjiCIHTBt4kyghi88l3EAIKAyD4tDBXwhDiWxz7bEnAH3D7EVClhoVI7uv88K0dUwnH5-XmPcdXKt8NSwo37eeBxsZKdg1aaRLVEezC5fAjMEoH97CERKnYTfL0RfS1qYnzTabeuA31eHfqVVpQBKMkALyFTGVNghFrwW8WyHyDzKnolDHcxGMJ6ukiAkA61U0XK4P0TtwiK-Pj8M1_yifcSZeRayFt7oaTcKQN0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  237. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  238. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  239. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=dthBuQFxM-QpVFLYO88qcaZO2D0Okqe-9YnCpKJEEglmTiSVcovt_A_d5ofAseUN7-RpCdX5btk4bxIq7d5OG2UMEnrGFuLayFXelAd6tUHFnAlrRi7R86hJzgKtrM3qlf1oXR0DUxS4WDJteHgyGg_gMHTNNKnNDYklzNSeGzGtroFn7dDhbqUIMTsZZ0TkOEyGu8Sjm5F2wRmz1FVnj0fr7DfUkjWFsNAY34gmAly5XOv09oletqljqPWTi66Jwdsz0QzGcWISWwChAs59x-N4TWecgqJW6h6uHNeZfxjo7xy5R8mHn7km7M_EvAp2qPQD66RehCOSVzibBniImoj7Nl94y-iV7BAehcfiVRX15H6G8uSIJgFarM9388TgF2zFzs836tOaEZCSDK-zO96_yE4e3HMfgrZlRboyQ0_xqdl4rl3yMGm99QGzxpZC_87XNEsCPEiFVwjA23Y7rVdgFRizdpEmPd_LA3dcFuUz0xM4-uIY972S896fbsowmZ4pp2zyfcAroTam3rZaAFCgL1SPycAKJj9pq1voPhEOoQLGN2PYGf7kyR6AdPLCJCuSE65cdfBiwB4WRdzEp13oUOt_mn5Xs5Tr51_Z1NuvFeX4xF4f0F7cXY_uB1_ICZx7mG6eMaly18You4HsF9gCO-xAdRh_fCRYhyqYUq3ocktXUiYPwdg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  240. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  241. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  242. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=yniSpc3MeSt3BKVj2Jj_jxFUeg1VtjiX7VH6UeXSs2TPgGica33NGEag3HXwEG1jW_Ex6L9WbjG3ERaCbDigCja_iaJwSMSnSnptiySSN63DEYh-qA7S3vEF6osJXsXoX6KyFw1RTX-UiRhpF063qAcY0UpMgLICOhOlTIFvgNqlMY0Xo6rqQmKj9zRnUIBe516G_Ihp8qvhb1paAAjHQ6fBLVJA-df0trYBaHXg7H-2RMoJ-tL1LKzJiIGu25OM8sJ8Hzz5gRjWgUAmUMMnAw3MHdOTPudf-cwhTwjupQBtTsjVHOEFxvr3uzkXZxiYsYvq9ufwko7Nl-CgZhScjH42_ap_YZnsK5q26HjXPj7tYUl6HBtbPTJWlyzHQgQeTEonY2QL4nUB6x24y4re2G3N3j9Hayr01quz-UVxkicDkjMS0GIfyhwIdN37XStkuvE1uxp2Z_yZQTMu4fa3SiNTCwdSBMBNcj9f6BdFDxwiFo1e5PjhQ3YE7kdhnN4cUjShPw5uK6dnzHn9FADRDBvhq10AId71xUWJ6f_XNlBVOgOsFUPV2uP7AT8iQRQElxXaY_dSRUA7nGl8T6S-34OAA2x-XKWQbUs5d4plmzHqp6Vs6-NU98chCtRjBht8r3nFyj_d5BT8_1GlCaNNqRmRBjXvAarOF1K8-DBdfut0hHLVQVTxhqU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  243. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  244. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  245. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=aGqOoQz2tHTnfr7W8CBFUDXY3hp6UQl7UlsL-pqzdkZX40M-8hs-xsDFNpFM8AZLEpX6M9_lA7dpdbmBkPW0PJ4c95ZnouTtQvczzx5gVz4DHw569_F_kRgNneaAj5cQPte_Ip_s2piATAsQ6BjgdUFnBkyraRICdZUr4n0NLzfs38ghz_R12zPpcCwPCUdMxFRSS05b2Mo3Ed2RJBOrqZePh6lZ4S5ZuXoak2V0xL8CPwnL8g0TwIv76DcKMmKdTHwwW550xeeT_ZIljz8AyBPG4-pypsvqKyjSxSJdDtwRXOV7Z2MotDv25yuY0KFwF-lLjL_2BOQUAZuL0hrY3cDtt7N7CObRHNNNQAcbsrhYd1hrXv2K6lz-r_3Y0WPVDM3qigQj3JuhGDA_JCnvNOjXvkBk5wMBSYHKqQxU5YNY6I8jeJhtwNdPRuPtbbMfAULQTHe760_ob7VecL5Zrt87DsV6_CjKjdKjGa0QxEYXhBi6KGigM98opAf-VPqdIkeTwAC4hGE50GuPkCQ4xZgu415ftcxGMsFyMJifeQI9XiGKgPIOus7uUwiXAtPivqM5EEvb9TDddf5vA4L6lxhlEafzVrFgiVAYFbUMhzaNRaZfe4Ci0bMYnnNJpOlmX5HKBkJ22oIl5uvGwhLJKcSuQQLU337fTnQyMEVDjQCbi9-N4lAh1-Q=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  246. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  247. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  248. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=gG-xf788bAX1DGdUgCkCzm0LWW9fxh3ZOFgIYRYR9Ze6TvkwyX27niAFSFygdqhTR4Sbe8QnHDsLR3_iN_7JBTZ1VN-CnBn8NJ3O8YpAfZ2RbtUSRUz1gH22IodHcWm7R2zvzV0gGu2CE6z0bQtRs59mQ4Pe2x-XhdUH4s74NzvaCOtxFbVe86Y5oT0sVwqTasLahMV00GS1yNNWx7mc3mDyKYw74NC3nrIY6nPNc9VqCbZIjKVqs6o0d4-G6OyRZuyWrA8rHxL8aC59g5Y3NJbr7D70LDcU_b_V1NNQdAA5UhjAT4ZI9IYIX09rGPmEa1d6yJpzTXF0ko_fMR1zZiUfZnN5MbMocq7kjNq-GIhAzYwCPP4RLK8XJGgGjxHaPjGsME49KGtPeDXZPbaithCC6lLt7ekzJzCIZDQz40nJ6xVMUsi44hsvTC_7ghdYAKQ1_GjV-KjHC-h5XNRx0j8YlXChS7n1PEB8ldA_Ge89QTjQdIeI20PI-uk769lPtobJ4aNENt3603MVMhIJcqbZT4R8vdenkeRgqE2jbQ3XXyly0BqjfuycejeunGHmnnEEWqg_XbWs3gN0gTaazuxzYN8Ip_jkBuZI_qzo-vDd4WRkYVjADJxWES42tc5r_nvt4pvaTG01EsMenUAULzySdoBsH2TDupzCXXdhAEQx8j8VEeHTmo8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  249. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  250. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  251. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=viQSYVShf7dva8aTaY639RFj0xmgKJU6GDlPQEDczpLgg97LufggV6LOBhdaF-BEW2__hn474tlXeVfxmY2tsXxDMvgsbOcoyw8Twcn0D8P0Y8QRUg0FZwE_B7Jp1qk9R-4JucBpIBWYVx-uMAoB77TOY4cjpxGvAGmYG9G2R7CoqePamncPoPAEbU43Z9BYS3fcAPzK4vutd-XNQz1GAe06U3Y65y6SDGRO6tw-Ykwi7sw47HVLrhrEqiiT4OkrzRms8S-xce8ra4KzTDKFtEN-v46AG-SxKzZ7hyhlU_TG6-7egOT7DrQEv8Tj_d29DfI3mr77TEdm0zhu0rXqVSZW3JVBCHQOFJFzOkdINvViUjEUCFw3u3Tj7oinHyuAZ2sSrfoYcskyP1BQ2xG3XNfusvzhoEBnvjmqyv0fzKwE0LNCjujHer-q2Uyw_JTCbGS0xV5q4b0YsipT4dSufcOaXef4wi5hSshfKe9M91P0ku7gEQE0vkzzv2WcWTbH2rRUM8zm7vGXvhWKBxV_jzPFpW_CGKHJ1HmrhGANB73kV53CK20vY5hypBDGSEni9t9mDSAXz1_B8c0etd6PIELpUjp3Dr32K8HuULhS6Z_Q2wRgYcBMANRJ-2jNp4qILrvBuVua6DyVgBugzBljbdqeay6dwCyDNI1FLckBWUZ93SvOF73vdY8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  252. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  253. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  254. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=oZIXugW4UaLkL52i_pElYYzY0mjaGMfdhlmdWWOISf8eChyDRudM-fI56UYPeDGpx2YuMKpsaL4hl4Qqu85ap_LSwCDwbO15WJg3gvR5dBdM0VqPd_yvDDdTBklTY64yc3sAHsuYx_lRKvBYTxAfJ6lgfmrhfVCXFk3wdKWflKZLeQk_N8SbxBNplgYjfxpZLdFYzIQPUU26IrioTB3BEKM28_zaG7N-z84dPEDNIk4Rqs4BAcsqWGu76f4awXTgQOXKPRdjTLyI6cnJxKCVU2nIRI5Heqzc2GqKTpd6Ev7GcEeLe5CNwbKYfFy-h9jtRJK0ImpB2GQuSaemOD2xhzUSNEdzYw2EoyxjPQAmU16caFwiFTdmyZ--kbRDd1dxVUvJaJimVyLJ7R5-Zfx5ggM80AE9WlKoRdcCvYnFEnxI52zGvRYjBwotWzjvR2w6WzDnlDqK5eV0dlpzE4WG65yh9n1Xtditus6mYjAYA_5zZB4CReXV2PH_sL3NuoCxBXY42hUBKepMQsQXgeL7pZEYZe2_S3uK1JabmNfTblAfVVpJVnV55L7yGve0LjJd-zVpWzvtgPQ5Z04ecrJTHa6O34QD3WJViN9aYB6XoaBfYRyW-pANynNggvOM3fTdwaWRu98iMLRvsnqPtOMv1oAIVjrg7tHFgZlpHDDalL_V0pkYxtTABUs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  255. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  256. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  257. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=xXMmJixXf7JEDCniwgMoIv7i7KnKi1HblpWeC6m5ZdleAaS06dJjonomUmNK7uZrWnoEyLbRXZk6Kcg9VPZnz9hI4T0EVyv3QLWtIMqxJmqLW1E_9ATEqNu1AKrqcDzFZF3jDiOyFUOBnByPYtJ121SVkoJaG8nv6pIorzW8F3RITq2GpstNRVB_l0FNKst5HyrACabea8iKWMjTrMINXRI4ckhHQdQuklzTjudnqGv6xaY3Vruf75hvrTpCmUcd8m5VgdmU_eYwTzVKNWkV3uylV9C_GmO_Hbd0kB0kyB4HIqvLUwbo9pyCvLByYOXgwFXLPNOcG62A_rgzIu0GNZRnAT7Dh3Gr2ExZrGN329U-Dznjfg3gZPtH49QGfalLNIwC9-diAxCAFXma3q2mpTbP2yv7rfY6eoE-7Y40F02rYea25EANrPc8xQjKyqzH87YiIy80-IL5hZCAZG7u06hOP3QRbgdaimYZ6sJ9Pj9Mq28_x58JRTj9tZyF_w5XGBJ7E5Eq2OMLp2KLWhoBqSng9SM7RMtm89j2K0zJwANUkxuraNkVYnGwaospQVBmOcCUBOFMxizCePBa0KPTj5mBYmNffTYENpaV7qkYuYjULQIidbyiAFELclbwu9_fn0Y5ohsjXs_tTcYXpoiGQV7BARPBSAi6P3ZKOJ8G8i9Q0LTRN8_pmqg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  258. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  259. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  260. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=1aySws-KrHlxAwlNhl3o0Ta1oMzPiLslBaLonxgNagaY3Ua4KquwlVFVJ4YeolL1U_zdOC2RwrH4NyY0wxEJ0RcqSi1GUW5Qab16efJttaResdLIhBrZPSS4K5NAhn9oK3gd_lXvbHNMkkntWdrLunKhzKEUpsU3z4lW1chZhtT3m-wlSK1Rq3tXtQtRWbJTBT9KGXN5GTCFZwtjWH3oMgAFimToDS30MnmTq8K7XNbeNGMKnH5uWy2f8oic3lEwDtRwG2Sart3zJCizu_ASdLuiIWw2IdF2q8iQN8Cz50dDWa-Oe2IjsEkhOlfRu4c2K21htvbpHCZcF-sdQdnA9Kpe0hSzMzUOUToNgOLRNz4lrJVDc1MgtJBsOVX1vrjcdGyAv4j3jgU5n6rB0yYPJ-VOjegojeTS_dZ-1xzPSH_R2VaTnXIB9gODUkXC28egSjSIGUw0frurp6JmKIa95xbZxM1TE3D9eAcIEfRtumAz2IbLAVZ-ZYjM87PIf3UiwS04rB01wutvVXkSHMNV4GC53dinNDjFLhafX49PN0y4fOtBFwk8UtgIn8wmgmSlMlAdKEj7aai2VQs5ER2w86DIZgZ8EQ1H_DjQeYyRmjZeeajJ2zK__7i8BBRuZi7tOmBGCTzD18D9kz5sIAosINmp1qgyEIDklNf94bdmw0iC1FbglYeixXQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  261. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  262. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  263. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=3drQm42VhuCxhmspGaez5liI66jnXdna4OfzV7ZFaTbwp8uHB5ST3-syx44adXvUPS6uEaxdsGJPcw4xorqu570EAnLGhYqAlw4wy0MWYtDDVxMhymGr1MXM6lAMmTKUi_NS2r8nB1RYm1l3EIcJO_ocP8qi8pmBt3PGuvMgTS-isjqjIPPUi0awcD7jl-AGAmlHtUanqtFb8-qdaObfLcbfWTzEcAKe3OdBh6kEtfYcEUfP-QoJrgB9bdFJt-kDf7Na7FGiU0K09AI2BpmQOkD3yAVgJzLFHhmbB3CFeLavxwMpY4z5lyscNxx9qUt14r-nQbLrybFZNltAOJjViB4F2Q538BcpzW7x1aoNK2ZPOq8hjWLAJpvg7M041lC0SD9C0qfySYcrJOCgtQ-Lg8sGSGIu6rW4hzIL4IaII0rKlozbAK3MXTq9mwdGQqTQ6b0-Xmv0WOklgYrphmnkYgvPTF6MFHhssV9X6NyYDxyZEqMAdU7D7KK1_ZB9rBUZ47XTpRFO8Cd86AAjrlF0ZtPTKaoOCB4g0PKOPv8NeGuq5I_GVdurnsG2fZAf93RECEiX4xooYOZEh7MuURENZlsQV45r6BEtcdVRnGY3Pa-3IjFtP4_4N0vLYjmy_vZClxUimPOV9i2qn9L7wK3Z72wAfRS64Zlu6MsZRO5S9GxPx4SwCUPc3IM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  264. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  265. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  266. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=3ewwB_anmb-m4Dh02GrdsZrucF_5zqo3BXigFhYu3MZIKhLJ2pJm6AOWEfVO-KZJhzsUpBzDJlBFQzEh0FAZcMuG83e7CnXh_fVyCZbKAPGHxCt493aLpmwRG_kWEi8eCt9VTlPFWxjPczc3qGj1G1XvaCeI53kcfF45e8T-4qFhNvbJ7aitAqW0Hx3-9rzbAQ0Z_rRhru62wbCUx2X35ETpV4hDeZp4xWPPkJ7Ua0tNlwVKV1ykqpq4-JJAzfBxtbEIoY9fkGdtEAOJv0w4Vg0DT7KpwmVAb8vgiV8MbpOTfMY1Kx36tGLe0VuXKuGxIn0r125GyFq9po6YI6Qc-QziyB0Swz2leQib7X5O6klkW_EixCy6cD_cWMfuyOdHHp_9i_rhm8ERisuf04YGHDWLODoHrquVO3mx_krW7YW0yJ6EQKv0jq1xD6FriD-LQ_BQu8nbPNagXcABnwPns_o3_8y8goGMVCIjI5_Is81BNLOpST7SnOKpeY0fCvY02Gw2fu58zAf-wz9PiFs72cs_m2q3qpiWL3Gdgn5Mz007GTV72PblEUTbViRPfoNjafwmhuuoaydiFdnRv0lw_S2YEk4Pf5LY0H9MikrpibPjE7i6sMqM8XVMMQio0cTtN5Fzv_mjZtHW7Ei6Q-eYzFY5inwIy_EXyVMuwyQcGnwOWv-jMm7pjeY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  267. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  268. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  269. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=yTwdb8t4iJtZjG5x-onLwk56qG-OzQ4WbXYD2_8Vr4ov_UT1gb-4C43WyCFskx2q5J-cPxXzJsD-k5qL808s0MO8iThAuks9A91l8_fJI5D750oZwkkZNb-6Jf1a0WUknBVIcZWj3XXHjaxfJLrCrnVNDCguTPh677Gv7y3qov5tBTok07nOkMla0VAciXdHjzSWhmOCdwpwIgmrwqkuDVdrRNaP4BvbMFLWAL9JNS_3lIBeWV-hgmbQJrIfnYWOIWBV-27XC2TekglUibGQU3f6aI8QRlNiqEPe8bVFz4o-hcMZGbfi5g8mljDzXvr5_HWw8KIkAVKnt66NKiuW1g-3r80eHly49mpfDnadwctA6lC0XS4fMhJ_ozEIG72nAwmla_wmNkjPF5AeODvC1d5n2EMgJo1xToUoj9ZncCUSthkfw_Tjf2YGPqKr9AKa0eMqGu0xF2uElB_OPQwHKRikKlGSI-b5137AWlH4dB6CuSsxbe5Q0D4Sk56mcJzAWc9H_LqKszHWtqCTeg-HHjGOCR4DNAHaupGOB9vxb53hKeXo2tyx7h2tvvQz9MMOABSugSfLjX-KisebKxnHwGQW3bLCt1a96RKo4w4omtMA2hPG7WKyMkxUkzU41O7WJsn88rdZ02f--MS2d0YLNXHiYjREr-RYcxrpIXGQZFumPbE8HdwmdZk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  270. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  271. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  272. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=ygw7iTDR2cW0utoMmlZOL1vhy-hJPvZoUFYcgkDizDs5cqhhPuPy0Sxb-OesBG6fGz5wpfeXvAfJm2dwvtoGLlkYIEgA6ExcLYldAZ_xq-kO0iR4Xpv_6_ppr5H__SgQEBNMABnqC5GNNAGAWPbmBLe1SHwCdw0jEFIrccyOas8-Ci7lkMMLv2bi_CHlZJ_GXz5qIJPP9McuKwhurg3zZFp-C0PPu0-uVhd6AsOCDM_VlUpzoP7p219hBfoPY0P8cjSkRutfjtSTxjspk-i8FfM9UqEKvm4xqKkkfOswmRtK14Jm2na6ZLZYuqBrkcrY5RNZS14DNS2QVS6E3L7PaxJx3gPZ_nGIjmDClatZVWo9edXLQ4c6Pqt_CKNi9J0mb4ud2y3zpOKOnolhqvadti36NkobZhZ9SUOG4eQdW1p3fZu55KIG-sI3iVrjQBAkg6X7dLkw0atZBq6cWn5NMIAPklxL8d1yrUgwnjcsnmWQGdEeBz2NEk3mzw-1PaxdQtxw1wbJkhOtuD6SIzuLjTAXnUUKrn-LLKq2g7ldGzpcae0OEBLzijG0sKbweO6OJ8NiZalzPky20hWmzwgug4R9RsnozG4HVFYUdxIQvzWfpaOhlqnapsiqPyahTo1ipLP6bqToVFy2t41qtNYJUhhgcdJGRiI4D5MydH0W5BAJUaRF3Co5qPE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  273. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  274. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  275. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=8hYQokNm3uD4yumcL5cberPt8OyV4w9UD1wb9XMoLDsKdttL_PFxQmzdOZF9p48-wZ60_K_PyBV8CMNC7HyhjT1QsqrvxQpjLs1DBxQJ2Czrkyc9BS-tcnfGGq3F2Z8J_ibI9F2Bl7qhu5q-1c5jJpEgw8-fKav1kMq2fxvW_NPzhGiH-fJaUWmVUcaYEo-A9cgVzgcnilBGmJ2ThL6HrF7jhSszE_XMdazuoo7u0n82tiwbYsKo18bO-8tQLbRSfBCO7D_zHQrq15AHcLCoCCfTUSKfQWc9JtkHtY5rvqR3J_BATQgjJjFMwN-hh44SKCQNJTjg0nxd1j2l2gZB7nJ7sq5bPvAr2CLZs6p51kX4UbKFnUHqhp5LpHkhw0aPBFXaRTXwbwWl6Ho-LLeKQVk-mSdPYeAFdAfR36bNmu6F57bZ3f0X0I2uNZHTxwqVfXyGQKlh0uZktTvt7r-WZ969qRq1iEYF_KHgIs8lPRgowkgMsCXUJsHp73EanxQxyhNmiXZXZBrXrwazjbWrMgDCqnC5c8FgYHrmA9wEVpenqRqLz5rdhOjWXrqECUYDUD3M5KhL63Kk32ikw9Pq6KDnjjW99oHCn1RPf7WD2_kx-nOM191MmKxKPrEQKgBlwEVYB7acR-KFPdx-Mufm8WMulQ9a05j9aJFKlQlZMc-IxFTQz_Cku_0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  276. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c086467de26845239ca3bf0fe3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  277. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  278. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=23eae84e478addb2c7c9b59b2582eb6f1637066154&psp=UADMq21ho1G80QJqlVO-r0kSO75f8IbVr7oNpVk7sv1jnSa8VpeFXpxQ5ZSd2CTNy1rfmJWSDtsOwNvHvUzK-xamZO7u0VGwoTjQirp2P-_hXo5Ngdwf_DREXuSMGLEn77xMKeRGTvUlNDbt1IBD2ZMt0Te6PU6p0aLXC_tH7IfV_e3aluJpgjIbgiJjerzVQDepiCYPV9dei7lsudRuEFk4wOkXRf0YtrJFpUgUx0lZxAaOxQxsO98kewFeSn5SeM1v7VRgXrncWNvEUfeGobeQzSK-zGd8CmOmfboF11g0ueSwn4XhwW3XWohLD_IMgxTGhjDEYyj2onMtEPR7GIF_MnGpUSS604LmQLEAAw_5bJNXUZX5bi6cOYDX-JAHdkrerDiX95_1YV40jy370DEPjVtuQVfsiV_xsJBvKAHzpbL-c9KY0X0K1hmj6K7Q3S24E6_YAlfHaX0zhTEZmdlEQWNyyQUHPP-aNlX0Ltb4-snykFrgP0sUpf56RFunrKAgR09fVwkX46AiaLc4wJInDwlq5rN0i2KSl2OMk2hxIZxZFbZJDAz6I1JKioP-i-NqGshJYJUX-rXH0nuxbA3x05HRznDHyAo2ZwHKp0hzS2zWnzrP4WGKaVdgCFrwdRhcNLTz9fwQsHpuBy7HrfccCmaIOSVchckPLSCM9a2YpUaGvMU3Hms=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  279. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  280. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  281. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=s4roO5v5OFwms73Ea7UOGPB4d3nN4Se5OyPcgC1--FPltoI5peZxXURKV2iUyKVqsPuZYku_hqJmdd8YX6NUUE0AWyBMxf3-SSPNRHYcTbbm-G2YVyOHihmlU96HzHy2bKhcBw43Je5Y5oOgGffBWV4xNXGSSUNI3MqZ8v2fRmRof6vsQfSZWxBBVYWa58NnCX0yH5qJt5_s4tmDxAYI3s_a8ojw5Uw03Sr6Xttnf9NRw-JdrsnUMVh4z8mUSHSiTUcwng7VGJnqq4TN92BQN9cVzazvsiNrdiSPPlg8aBLn7wdgpoLmYY4z9vEdXIXjiXUJLBtedcqflPYluXdabxPTbDX2aWxYtsYP5NupbgGSoUmbm0l5NU-deWt2_GXji3UoeyCbEKZVmFPl7g0Hgx-VWH55VKBkSAwY1tcfBjHOz2Xl2crd4kHWQP-tJ2y4P2sdnM8pZKzrZ45YDCAfo1hGyDQSClr0yXH_W5TfwKHpuTgwfHrNawjidmMeAzh3wBHmtn7P4_-kdjeT5Op32f4coeeXbfMm-FeYxTlUVEUOX9BihCXSvhXW0QoQRCOoUf9m9TsAUT_Uxr0DkjUptxc4cIrjOkO_xslxJHYELVOjjdLGUmv5ivkVoYpZcyicOEZr98LC4a4oqWtOpVLQO3KGUFGGSza_uBE3JrcYrtuRNAt3fldWqCU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  282. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  283. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  284. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=_fBiwthsAJfDhYnoWE9EtkYrnvW9cFQNMh5VqElEhpC6ZGiDr1fKcF3-C1ZYTD3DANQHZSWmitpkcafgtLA2wvA5Eduzn2da4Qr2s6IgZyHH5Y3LrA23vr6fwIl25JiqZNTXh1VWHa6uIZZLTBKKbOJQWASuTJPY6jjYIt8614naAzKA9ItKfQP_POde8mRAOm9Idy-GavO3SPgh74Qnzsap8vjgD7xDlEMD6L_ZgzTiu_kCX8ctYmzW3C7oa-fu4rx_QfMUDsW_zYa3EMXKFMSl6Bq9hmglWoFKGuF1sJF-wy2jH20jAtC3fyv8RPO-F3h_OwVrksYrHehhHwqupKYHNbu6yZO_VGS5O3mSvraoki-Qfq8wTgkp3k6i0Y2q2kaGbUGH-6NVtoFMu48uPNqMn14fNClYKahfnr19SWvKzlbnQYWCC3i8o4o2u7ZtKhlu_bnjpLlr9pBRBmJyqXRAxLrKxQjD5ybIA8_MPY_A_kOUps34wz_fFM_4VnI814i0HqyllIqPPrYxHQFKf9I4QnBHj96uKBOPFPnuNtAmrEyOHPjCO4Gp9h209WbLsI4_v6T9SVfGJdG4yrVgcGU0moeJyiT5_xjHj-gQ8T9nmwpnvPNZK8Fw6v5qoMpZrKf7voRCyZpxxkF0c0wfgv99mum8VHGhEGXHpkZDnI5CF97yCRRlWpo=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  285. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  286. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  287. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=VgREcmM3R4L3i6cjk6WpCi2Bo0lPu_EoAk9QDMkCmW8bfK9k5zt5d4-fN07S86kudqIvO5RpzW_1fDwOxAWFA1kF9dEsgjyy99VSvDNGZmjM4xSZLV5hKDVsQZ7sPe1gNp7H-y493Lzk7R-FQQn2KCLxcaQEg6tjSlvu3TKZFs8r5hjWcRLl1iimx80oU3hTgbPa-hiewEPVMcMQMamTEgd_eZKAm-0mNcEO9lkhIUTSxDxG3xmTDxPZ10b-eZ74cee-7JvK2euGZfEP0tSiUVF-zHE747C3xqlcroJvIe6QLeMZpWRWgdh2G7Xg97ryNPjKCX8mFsFdiqEVk8CrgphYBFS9CIqWPRfE1uATyjSGuRbc9MoQkD25-1Gq142MGIGbAeRwEjtzWnoQUA0sGcNpxMSW0IemCQ3uDePEHBg2BWHgTGeXXtDM7QipOd5XRhMAuYrAziRx_OUTqx5TEMW2_pcr1sS7vkEOs2h3SScljZLWfIi7jo5r_xq4Gh9XGVAARuDoSwk9roxAd707rND7Jid1UFuBxo2Qy1racn2_BzccyiPCm1MGe-r6KiGsnTAtzKQgoecMnOfiggO4vbPZGosGc-TlQy-VqBZrmW7sMGnv-NDvsTYz6PnoSMb70rj18de3mupgHc_QGjVt0ApxL0mjBk0FNycuslBLJnQmzCimmN_Sa6w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  288. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  289. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  290. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SFH0NEQtLuZGVA5htvd0_otPed50J5NuqmE8Dql3YXYvOTZEitPWyqoWq34uuf0myUZoHnBy1m5bMjN6oJxPueIWSXWkxQJHjSG6cEnkPMBaOsWwtq1Gh32_tIQEH8iCYhVXg05YAOPwjE2P-K17lgARnjyoDue0X2f7tRhXySKkBgaxpYTn3xU9LmFzIRsbXNRjqdXgxJ_mkYeqFcDaaxThZMyqFQOg_m7GSPwS2pAxPr1UKtvJlCQTdQ5_jkFFH1GXAIpgaOdDus3le763alMdZTRE65rwDz6aTuw3gs54ek2bEEEBWqLrt6dTeh_fgOyk2LDwF4icD3rbEaHrrbzt8-r6UjRjgyXcaCKBXK3ps0EhPgAMSGb0i9wlFNzGbSIkUBRmqaPkjp6ByYClmzS4mA1-Lvnle4sOujMcFncHEdgUMTDDuK1m1tvL0wP_BytpkLKhjaSf0jPbe-aVuswJLPNkLo20QTRje1mbdoRfT0ZKoHXunEi-GgiidxFsTm3fnpmG6HdekPbgUwy-5hIsapVlrOqWnl_meFvtkOYJ_v7Adqh7ORO_ZdMCj-nNVNa9I1tx4viTwa49YL5D5k2NkScIe_v__IfyvesUiyXo7QuX99ercdyV3A2ngwQ0KkHyNwEhGROYjrcbbq2j1EUP-IRmNeG1St5Fc6B6n6yxsho63DOIE6I=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  291. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  292. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  293. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SoLJ0D_Fidu8gSKpAvRHL5KBkF8mT4tATj73LJqz85ZA626sioH2kkhUaUBqbDhRUR9DDvFJv7gBuszThMFefX_DwrIjFYawi-MnkKTHKoyaQ6Z-YgKauYaChSL30skRdL7ikpL4-TjIQU1vT6K5xTypp-UJq282k4orrqPHfBCbUWpon0L6GfWke1rFsB9vrfzMapl0CDkaq_p8PzAaDQByQCiZDB8zikWGRoAdzSqU_wLeISg9c4hZQxk5ZqMeSg07k2JHLn7KhDJVHiPQV40RIoalUQegWPRCudMT-FIuAwf1cmkXiUNLeaqUbagNM3u-k83sqf8pjsbu95AQvb6YWqcAUK1Y5pYamiVSO3YdJOBfi6RvTEScuPB_r_shz1eb3P4Jm_u-kclNqsXh_qQmK21Nuv9tymcb13eZd-qiCAWSfidEizY7h3heEACfJUpcenvaq3OXZgdd0m_z-Wl0eBDsZcN0mQtWfdEFAeVJIwzByVsQgpqkZOc-4si0FLatVWj22ULDMS5EzAU3VJ_478MoviwJr80P6tLr5nvGT1AF9C6syQ6bKHwa5cS3CY7yhEkiL2wqnEqxczFBM9X-wxMmorzSnD16P0snChBId2LH1hgXxmXVbziF7pplW4JIkOcKFkUHTWxxI4lmbSdm4fhspTN7bTJ-TR6Qs_r2JN2RVNX-uzI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  294. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  295. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  296. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=_6UlDChAde9zgbzks38q2JYjWJ7sR1f6OnpOpMU_3Uo_DGpsJXBwgFXl3FNadgtY0vUAKwUlUJC-HoisXAgNdc293woZyiMT7to7VCv31u6SSYv9YO1GOAp6mVaICLbImDcM9WB5or25FPDUic46Vk8ZQLzsxs4fpwwDlt8FjmBoSfbWUbbW8eQbIhdej-gQjArr2fM5ltPsfYZrVtvApwjCvvjeZwz5455KrqZ7S5ak3rC4BqigsZrbEhvwtiyxDyCy7iq6BK3QvV3HZ6c2XYVa6C0dJFu0EHHJP10bbaS7k2n7Mi88MxrMVphbH9DJLVDnvKK_bpZ0EYzdVLi7Rx-aLtbtqbf-Lqsm7iCJBfWHoIEkojBsnv1MHFkLx47tVl0GkVQZjH_x59G11VrqRoCM_PwrzEhlIZvE9FyHJ3Vr2vf5v1dVE83Bg-j27r3d1OSeAMPc1ogh0Au4juIuK4yeHdjZk-bDx0fOFdo9AmLXpxtylulkuaKxJe-pHjOQBVRL9OrpkadaaXFH_PB9DoNfp1KaI3VZ81Zjw483PRk8cmFYvnBOF5BIB5hsCYS1AVNoaic-7iSj1D0mmi3rdhwEfD1qzPBwR_dodEmk9Cg7GvsD7cClK4NhkgXxzpD0BL84jHuMbkiRc3XjDSL59Cotatjbm34CTbGySJgZYWTYaaCymoGhao0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  297. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  298. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  299. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=fwXSx34iOFaGjTTPNTbIGMVBDcyXJNC5FJIH77I_N6KjrbDbv6_wt5birx_mKXMF-IGG9lin-sTYBxohIa7ZZSHwantJsq_Kqnw3voeg91Uw-6zfLC-M9pQu53LHQg_yDsy-CZY3H830JTnPNO48wEiIJB8uQrACAN7KuFTJBubfkoe5txS-i2hGdb3pT58NRtHMumzT6WxhE7QoFf8HsH91zO3iF6WqX511I0ydfTiligG8VGsub24cS-qeJG2c8MvWZTp9hPxPNOWIlEbaNuGsmfrGeEtyUPatUBmPC-BWly0h0q6jNzqqyUVHVO_nnOpAA4xmHL3S2EEbTXVktcJQAaCsd5i4neAtrRSxXHBCsuvV-nBGfdkuJC8x7f_hNfc8YOD0KThDztuPgQP9Q45jdey7yHyVgD9rbPUcsHcIxAdfrQhSSTIO-Cm1dxAwwYQP3akQPL5-pjVyok2v01rdj5XLCGbQdsQFNGShAM1Cn5r37aAJXSmHJX7wvlDRq8uSmg1HJEoBjQj0PoZn50t06wyJoTzYERBIcgE3cYagkdcjUsUH8242iG_6sX9SVrAe8X0OtbPycCl6zQXFsfolYWrxujSYk5pAPIk0TJtvdRMSDrb1CQRi6I82BNKxjJLQyyuV5P5wgf6oUAg6AsQQGj8z1FqwdvUSBeYyYWcehIVOZu887cA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  300. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  301. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  302. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=7GDidJ0F5htisBGBM8v1-_oNmexgaTmwXACcAHs0EyZ7AfzOC-uGFkUCUr7X2Th3yzMTZdsLm_WVOaFBHcxgu66C2uA8BQQm_818p1yDryqN8ZQiNL6_dXMsTJEFS91UJqmyFK_iNWT7ZL1lyP0oTPK65e6L6j2CAzMWyWVtwcVL0kD5TZohgFplwF7H54xQh-pqrVZhZLpk9bLmNKf63eROgfeg5VtpxwIZbQlLCqaAxqLLvG7gv64MatIjPe0fTpw6lL-KCbGCYrUugKPx5sSu87dx0OoZ1Kj6_Xni4MPDffD91eJ9b3aUUB8qTFMsKHKh_F8jw1BRMr1TQv4xGIXm3GlDY1L1wNEd-XB1fVb89IgKFF1Gx2NI-BDXsC_N15iD0PtIrkSetL77NyK6llbLZt_byryiiwWlPLeOGSgHUd8ic6aKPp-BQUHiFpViw32-ky81nS7HWMHhZ1SPYSCk9erJLmWdQmmuf_WvWGVkRLCym6UZItI08tqe4tx5NgXatrhK7kcFdgvwKVPACxC6nEVkDrnoQlksu6W-yTmf49FDmIUOE4RsuLz0LoLcdxKQQ44IGAU0Lj8u7eBzLSTXBEOW0RxO6DPIaH8sdOIvhxH9zrLF1U17cFRsOPKCAxwjDw9udyAFM71A-KDcvmly3Owa_TUDvWBIRhf2w7w800kn5pFeXGY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  303. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  304. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  305. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=M6Yl-U7XjHFJ9IGsiizSUEQDdTg0WUkwORfZqAyFTvX44A4R0_OBA0XFOhV5X9IhZMHoZeJPAHaxisMM5AiuhwxVeMocXzllu8lyEDl6kc65nDU9Ksc62VJOvBll_jg8BpMknz1XX1j5Obk-Lwcg8RE8npQ7CmrRRz-Pblf7qFDzj_bwPQCpeKoRXuUYiEfsruUS_0qmU93n2r0mnkIFbb0gv8zIaTvkcyXLEl2jFneK-FOE3cWf5jRGzoKIQR0M5Py5HH6J5wl2xNzN4meIcQMLANIn-1AlhDJTkS4O-HM6CzNGRk2aQpoLB9vSkIPQRx7Hy3Yoktz11A3AIcmJjMFJwKFg6ZVv7rLeaENVcQ3a3jSLzfjK9tx0uP05KvhnXZM_KY3Ncj7rMzVnx4pHbVH3OZuNJAFX-5wZoji1eqWJlIsQ7yV9WnB3geIe0e6ax5bulMIO5V7oPA3FNfn4X7Qw5_F78iws3qFmQ7OJwzZ2h1as4AP8bshI8YmaMnwnDZdyKaoQM68_SoXAhFTxP_QFr7eLJNdCaAi0Wo1FWVauJgCvoiOums_0Je6nSd-MhN4Zwc8fg3wkhphADUOJTHuVYqjCP-S7YVdsCpid7bI9e_MJFMKcWJ84gQYuryKcDIX0EcpSH7bopi9rCPnob6jO3uIlPcmoPYdtFglttwQZ2LWhK-oOiHg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  306. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  307. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  308. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=HrYfgHuEVxvpKFO7C2SjFTZ6Hoe3DXLxiNhIzsjR7YMfeM3w8ncT8TlVE0VV8ifwVB7rvYvuDGMS0t74ce7c_JpPRQSsziOCc4ry0mHuRuknSS4eS4aJoOQYwx7UXw_WfFkeSeoB18VVoyoM31S7w3lE79ehFNfVv30GIV9OzZY4DRViiYYbxqJxEZNes4bkyq-vtx9DnxboCJqlq2ifrAUMyG_y45-JB2bdn2OFdjxNtnIYeIx4toWPDNwPhrl4GWb9120RGdewwwi4xGPu6DJFSE4bVAdw15BTlpjix3XR8nRjgkyl9jccIK2XjOlmsLAukyydADby90Y_CB1SqxMupsge8dA2rVinGfNlECcYBpcVyMBU6-eivK5svd41WVvgY7aVrxxp16l_F2LAA6t-USNUciMMUrABoiH8bK1ss0KTVbTkLhtp5H6XoP2U95653biSQ_nu5JOoY09-8CaFMNzgwL-DX6RfesaeqFWkDMCXGXQTdWXR7IjBrYzC-nyWaHWs3zkgXgd34T5C9losstmNVCBLhvDQMlnUff91WjyajBIwD5Yp-qDt4mKBXHGC6aFdbYUxFNS8QdZr6HJ5zpXyinCqVJIZF_W2P_GYWJz6Ig6D1j5grUWDzfmBmHoiW_w0yt0dIqQDf0UePPffxEUVraO07wZ1Uv5DQgQ7eNzu71ENWCU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  309. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  310. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  311. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=jfQbcIY4O96wvmZsGQhgSXKn4zmLNtU0Zsv2VEDqiJDaXbXVJGgTwSxP-oIbkfg31Loe1B8-lF2AC352Qie6XJI1xc9Tlf4dAh9LWgiqcj8MSm8yyB3ZOz4U5qN09l8yhhet83DzQ44lj9qVK5XleQ2q3TuFomrlkLpeTBTJMMza0ESIgWsQ7SzO35-vnrBQkkuJxRwrEQzAtbzaIrTbi9BxdxeRm9hF1asMmbVbQdhK7a5f5uM2kXLLk_1TS0_RY1C3UEXW6l3NMTKHk2WbT37Nbc23k-RaeLDNlmEgTOa5DfrFqm7Af38X0tC4qq7ou2sJ300c_M_6NQ6Yr2VB0QYjT3PuMDz-sKr4pDUdmFL7hpHQmQgQu8LNLkTri9v083UgdpQFDJB3pLyn1gsH-VXXJWBtp5eECwqfttT6eTyjN7TfPi-JvHmerbVHpTlF1MC8jYvoIhflLh2KJaXxagO0UisqlUdyc455ZKhz6D1TfppLgwQirIf3rLxmSxA5YK-eNHom6tYTT8EHBtvpm1oJSBlL6JfEd0YsUsjeyc05_eMLzkyNktJ8vH2yc9VSyM0aeLxsFX_MCzPHxzxRw7W92ocmyVCcHAU390olnfnQcIMhYuwSMT3mU-Pgj1-5TS6DmngVxggKyq6iDb3xouKpeEe4Y9IDiDUdUqkSQgfAGfs51waTnx0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  312. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  313. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  314. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=dKknQnqHq8lCaPfvMiHUoV1Z7vyTx0uheKuZnjh8GrLH6IGvypyeuFsCFsR9OHfZvRfHz6ftI7B_ixjN1oCUI6vofSG8WoZZd7Tozx7yl-mxrfKqphfC87q89e8JkyU4Hg4po8XTTJgGjHd_6kzF9qyGet_eKNa9mbiGfXwGDaQ7LCf2ifwrc4xp5uQ4A3gwFO5w9qrLUmAXqM_Du4tyn7jsRjfo8_lm49E3kaM_5LEHHOl2_KwWx2ii0S8A7LdqNvToVR6muxKxOgFaJQrsQPINN58OLdRP1ovUMySpKnRcjVZTLUak5rB310QdRGAyjJZTxs54vM01p-vpMptTIlIyjWjzwf0H_6AF1thaBeS-ycx8YCZA2GoC4aqKBpUPGH2TDybiwJmRSRJALMEFuCs01evxubl_8U9Ux39jpRaY_k4ZEW8tKGlmwjqvhwKNfLRdm-oN5Ojopfr64C03ekKpIODefCHZ9afGIKuVms7p8cBFYNi0dCoZOxbRPaDy3vj1ZJVro5iE1oq0QUVxRabUg-s-nCpLPOLmrjJLuL80Lz8ozBi34pBmjln2hErTiM5A1-8JIc5zWSq-ir4NX-oB_f4Clz9V1PupsCr3KjC1WPTf0Hv8DNdKGOZwfhozN4GiQYRzOrXotcYEfhcG4vJgy_0l1Fk2rbIhqWrOSQBz9aoZu_ZAAQs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  315. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  316. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  317. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=bimt_Y583uDefAZgsGgdlgDQH5pMW_OXKY3VO7JJUzkzSPGdj6WICuIJxZ_rF_bfH7lm059JPTFpAxsZJ2Anjvn_CEYub9yRXCTZDFjykSUnCneHd8wjmLGfBE3rD87t2VYxOMMJhBxbg3ndLKMdrA-Qo21nyMSfiUkhBAv4WcP_hO8swGMBsw9zJZRJsLvkqORulzjHUV00wohU9wb8voQ9ta8L2Msx45sB1wE7nQufGYO7zmFQSYs2sxIlOBOvUUHiwzG_c2tJDsyAKOyYJRnyCDh03JPArbfh_vvlKY_ueqk-ua73jNX9MReZvBbQgMt6Z3B9yQSHkcO-WT-GZK3TEMm4JlH3Ay5ScFmp2NcYtzJUAPWP8TlaYh3Ya9-Xiq4UmliQitA8bTbWsfl_1UEtZGJ-aVt7y9PYCs_cXpJakehM-ECJ1FrE3GsA51iQveGwMb-y2vW73DBwy31KYsMFMLDFhK4J36tzAK-aRxRAhv9FenO1BDLkgChjFdJjlcSYY3XyBxWWg633XIXx9xCXL0tax59Vd_SCbJ35Kc7tnOOG82GT3j0mJR8Lb3TmcxagBK3-1Br9lQIE4FqRw3EnH2VPcCsQoqP2Gt1CoEEFBmYL-oRLI3t7b8KtqgQNw-CmM-nOaULzoANqACsffa2E4UJhyoygqkz-0GutOIlHG_wLhsZCvz0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  318. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  319. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  320. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=j-fVyd24stYBygBkzjPPCpLqvAn3nBWfEgd_LfWo0pxuoFk4P2lLLe5KkbwMg4W57sQAmbg2dyQ3Yi3mGR5A-Kp67D66zPWuHpVMlA0aGhksoANgzoiP_v4XFPlfsBjqMWjkHRixxNHhIzxed0D5e_xaNOVejTeLfzJlVMk5nCYE9u2TskUjjvFB91Q3KUgjAdxArh31K5JACjsEZJW2eJGzMpVR16f-x5TnHwse8ED7wlX4vJf0n4UF-2q0GdVYHClLoCamc0pSBmmR-OzC3RPDyF2xoN8iFhffqQ0q2if12L7SWaEoZxZZSnMmZT4G0SuTN8-rWHxzGhUn00fRHPbmLBVugAiHRkaVNVsrrBIbnqQQE3ROzh2A2kJU0HkDKlSL8jufBzdRaRA_jeDGgb9HY7Xdtgjy1aIki0XvO8Av_CqSw0Xi2GuSlgSkDCAVvLEF6HSq1XelGw8navlJVG8fEgMcUKJ77uHEHmLXVU9XD8vDbxhXTW6-ntcGDcJ1EFm9BPKejd2gsDvIVQqzedbYcBbyYIGFTAq3k4DqDXLJvi6Y-6-b8-qNW6F9ej0lRGeE9Ykd6TXm4wRHVyqzhjXdp6UWgsOFLn928vyJcjcQr0qFkXElKaavL8tjqYULM4cPHjFF802eDh16ZSdnuYRDsSeqHc9ST7GXIV_rp2mD_V4w_0NpdlI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  321. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  322. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  323. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=iXbUvZHXEAkYhEIaxoIosfTHh08vzDvDLuOu29a21GeE6uvEcqHZgODJ5XNlq6M4mEw1FdaqOnEdxnAh4RH4IV3xue8X9cTGcE8oHJb1XAXYoodING_tniAFvk7OKV8O5UsCxaPEAVc7LdxAyl1f99Tt_j_j3hpE3BujEbTqC5jfOgcSimEV6K0ba7RRdFreLTBjjoOwMzWOEcyfRSrNOEUJWDHFBVDDLNOnZwGjnXWB18MQmhJDERvZOT2sgpGEOuGe1D2PNLy6XE-orVwgm4bblUXWw3aKCyA53pNUiXTh9sDSW2HxakuWJJQq3vES2ZKEr7mPu7TPro9GOH4IQE4uOJdX6f-FZyyGXqcVDl7pHUz_z2EByxQkjgbNH3weE98Z2p0F7QiZ96qP_M-DHgzxakd5VEjZsDiDKrsEOVbtdkR65TvviLen35Tj-RU6FBmONSzQ4VwLDXxuyaNAl9WmBEPmcTlmDgq_oCRPhKQWV-sYDaecW30Li0tFT2VYK42IELXg8dMI1cTk2bYuIj36H2xHrsMRHCahp1S9TY2tNYNUiCq93FEe9t6m_3fM7JhuZFgCADhpz77qVuAwLmsI2U6CdzKPD_kAlLHIkyBt065-Yeh5eNmDsMVjY8SCyVoLhRsPa_672Yuirbqof66d5cMBCnEWZ7LYfyY7YhiJscwEXLGXWOA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  324. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  325. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  326. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=4BPrGPln_rTrwS_jQO27NxO47eOjwtC5cdQXHODI1stAYLVJpR60uHH9sYQOR90DQru-zITyeZVKXnJsEeuLYJFP6E2kFR64JEeBKUfrbq_jUeIV7HJDhrx0EY7W3JmX3adhmXFqbE2g2SeumDib9dZN901kXewdq9b6nOzfn8R5DG2V6QJ1VivkcStyoLxgGHIF0JdT2R62Cjpd_ZfkmMrGEW0tV6PVUk9bPr-9sNMIsSJCiRXElJH0hHf3ZWleHLXE6-Ms-2YUF9XlSH5tjYHeIQoyUrGsYPqDZHoZ4JqbvGnwhoMUnSU8uSEL4U9YMYQqhCW5qXlrTnkrChT7ZFlbaQodq7Ux318DpvWv1EfcjW70d3GKkwX60k2seKFTJhBFM2JiX2omgyJ4tZFT75HGL6jvIBSJ8ZmjWftN_26PPYjBGUxPfbzlVxxcDZSV8qMbghHHXgmzhkJnvXXXpPPRo3zp4sHiusxzn0fKmuKPP_O6JPWmnZfUfV5pCVKaT4jDn_c1C-uk8yCN92uIWkSDi9degSZ-nmWpaHF37evHzN_3mBGA2aVzKx_O33aERtllybsa483wMUjBt-M_cA-lkeT890GsEr9viixw_aYvcgohUcaq3ABQ0jhHpJPJ2VFft2pGAYKBoohBU-rv-tkPreWbjJC7CFctPmo1ZuFxSZzBxqAC41A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  327. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  328. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  329. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=xhrhPNasnl6UQcW46sXSX9o1BuCcjOUK-6UXFOg1nWgueK45AgUpWub737sGT0XyQxTTRdsUUwlTh1-w5L27_kE1X54AACClJvDs86JRknOXbe69KJuCmM-ytX1YiY61eLEPr7go7QJJH_0QnULoCaqLrgwMDa8mkI4msVTOLLvsmp-yoCikXpokPiZSzacttM9CWkmBNk6ANwKoKmC1lYBclmVWQclEcqKQe0zKxtI9NJ4nMeUFdBmN1RL61cc1MkpZJ-GThCeCb-JZk2e1U6yemdTTdmPhomkUx55rtf-dhGKDYtVJ5zUszeMd1yOUfuNTgNFmPY1McL0HIr3dFOdr-kuHMRB7byqSnLZoAW1iEiOnK5GkE8Wrg2lUjrB1ep-HndTLmM_AVOrgqnrH83i4XGD8hdkW146n0QW5ekH8PaloSXaI3wIio1km_pH-Hc6cYG4VdzLE_OVTYrLO-mp-WS__bdPdrTjbpRntr4RqZblL6GPpHw_Rr9beNlaZVYT5sbruY4fSDwoyuFxlF_sypBm8hjN3rHxDZgEIspPH-mkBVAEJfPVMyt0IpM2luByKE0g75e7xYIZkGg16esprMYfmO9xEOeliZNlq-N2zTVel1NG-sTZElgO5DZKbelBQ3qzpIlCzEHJCGKBq6ZtBHCBeXbw0ZRMAkqGXfON17ZOxaf-FbWk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  330. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  331. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  332. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=44NcEc_-jqsLDnfDfwxul-c45lRpWGRp6MXmO6ohUu0b3ga5nX3iAOBKve4mE65-cCMZG4Lu_878V6U7z-ivghWUZGUgbmqcPZGbjclhgePxkdpZDYrlWsvE5UkaT7LCfot5GuPz4pYyrsziH7cyI2KrjJw20qC3_o0Vw5l2WeGVPxeUT9xBKpi0S8FWdrF-cym7sbkSa8Aa2ArTF2xAT5gaZ4U7iRHJ0SLk-9nR5DKOSoqLhUj-lSpDHGCkl1LAB1OtiBRiJDqlAC_y5nkB0Z9t74XmUvkolUXNWBxltPOYTzij7bqQ94n-sduBIxfdhecDyGmHbuhkuPuWwA8zyPR3tNvb025CzyJ_TYbsA4OBBLwaLFtegPwjnd9N-qosjWrSFrzgJLh6IKW-f-44ncJsH90_4HMa3CPoFnlXYXB1lYWyTrIkuIDkobcVUcKg3uqzjL79P7ywjnXx0CTy-uTQC1zJcjqnmOD-M-8af0V3p7HhrKHs4C4VwB-KqeGMsu7vqUlQ02ofSA6ardFeiSGa0I9qENswFwUuV3AbDWoWgTOPdH4W_y04AXLNGWwEGMrfOUwyudcOy0q38JLGKFMuoY7kb0PybwPI2K5O0A2iSa_6Zg0XWDxWTF8usDi2o5SwMxmsGZOua3ka26uI7jOE0lUGTqY0eL7_yrkWhNzTtqU5PcQ0Lr8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  333. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  334. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  335. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=xhHV1DYS-0bWeqB-ETjc6NXcBE6NpejRasTX9weEEcq9ZJ12MI9P5_WQieMcfgEScGAG3dtHPKnLX_bPysNUp85CWdReh1k392sxrj-hv9iJLV5M8asKjiad443tyIJVMsr9bx6K9I0VDHLT5EZubaB1iCUIBCekCGhIzmM8kLdUUaT_vUcCI1Pq_CFHVuNTDhgNjcRcBHX98T_j-BgLFgXZ-ZwnvOH_I24EK4U1BCUTmhXBfH1jScucdTcpV3YRJToHYrmum_l1d7AnXaUYTCbqhIeitoHkaqIM-OjCJQNHQbrvv34K_R8MZn-teW_4MySIXn082ma_fwBvKZ0nXQEPLhmflrh6r0738OpSPkddMphXrBYtfZWKK63HesyXJMEHKvvWiDqwcJRI2zpGpVkQ-DCZkg6h03jWyCZrzUYXRhZmShGHdgtYgHL1wyVoknS4-oNYAnPOJPDVK3jOpuXtidkXqkbsr5KaPQRO-DZwH08WWSGea2UOBT8EKiST4iuH0DgvdBmYzIzN_hseyJaecSv6Dx5nPsf8nVA8Krw1NKrjOWakd7gfjmUtgoMjzCPR-FebiT0IqaN6h0kEusfo_NWy-XYQDN3cJep4JFN87hdhZnRqWPpZjQ4v8XxqrH5QDTj2Czn4Cb6k95DOf7kpfunWLE8BjP2pfdxORiAOPFOWjCsBYHs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  336. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  337. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  338. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z1ZsrP059Rl38imJxPdNeVu4jvcEN5hnoCqYR8Sc_5AoystVAwnSsje2MACs45cbh4gsilZcL-Z5nWLb4YuZIkFbxjI_IMkVRtnXXqdrnR5mvyGyICx-wimJZph4V7ZQy3NRSZdYVAMikTlzHl4XwudXzCn-BLYUipTJgKHbJRbxvMAcxLX6pTjSpZawOluBnzKQJSDsyhmPmwHzgJyUEtk1efBwh-_AEKjrIfwA-3pC01hfxuHFPNuOh7rsGPqkZdfJCHvSL45IEFiF2SV_m437Y6yWCZVjElNKp6ARXFWdtjwX1EDPYgXXbiZxVgRIgM02NHJqIrsc7Yx34ZwibeDGHu7ki3nu9h_KCQHIbXj1ekvASN8wO-5b_k9O5ZVDgVkJGqyZYDDB7DMkKV-dJjumF5VVvv_HLEc5DjOxZz-fHHSVb3qONMABIryLSkhYBj4DYkbB6T_MB-NuKX7n7XvNJLA9QKqnPx3AEVWoTy_z2JgpAGRjOBq_DEsQARE7q3B4H0LVV2eC7b8aL8460jCEWCsLmPZuP0kI7BkEl2aa3mTWs3FHErG4hccvyTa-rpIm9o_jwshYWiZt8d4iaMofp6RW1uHV_5HYKcySbHvNEWE5R2Vpctz1NH8p6HZJkuD0kGFsXMUenRXHcztZhrsk6gcvBWJ1t40pgYT9AsCLzYnLlEt4UVw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  339. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  340. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  341. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=V8700Pzb4NdIuRGyOXvtXokRALr2ojja8Swx4b3kJepPPFxMWG_Ila_PxZgs_1tBJmsjGqYBX88mDdUJrtkDNMgHQWSit9wbVuFYr-z0Y7FkG2cHk_BvAHj8nLLvJkpDj9hmzR9uEw9rUJiondIGnml_eCB3X2TXffYLIxgm3IRD8DoU0i-sPa_b-m9imG8YbJ5KzpOv6y1TmxwpiZ4a-NxLTWF8k57qOQ0N8h7PRzvLK5hg_K3jvBVvfQKwobsVLUlwftAJff8gbb4QFyWLwfH5YX_HC1vVlEytIV_P5mon4ljJYlcemMJd4voCXrCisO5uKOWWzPOHHlzT-a-8sufqM5AlHvwWp7qnKGX5HWw9smVDG26cB_J8CLMbRPMwCKN0PzLpASGPOcr0msbuf51jEyZKO3qQwuwBTl_ObVzR8Ajj6BMBEltGeQ2Mbog1KOkhiQs7doqltscxew4vDJemVcc9JpFdQZd6lgL4kEPXjnkh7a2ZY-raaPqMFgqDJCM5a58ljZ8er0-puZPvFyceU2moSXB2s-6FsTHVKOUlu55MKG77gLG6oV2Z9BhGK-ZUSABoXZqD3Agwi8k7OFt6792E06RQaNry5xQiDUZjRkaG-WLRDU8zelP5FVXOwsUj0x6SMhGQmvPhGjz1_eAhesSDQtq2dIKiNaXqnnG7lZE6ap208BM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  342. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  343. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  344. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z9ToOJM70vTC3CdpAd-CThzUK7Td0efKPHG8COhfkB6A-e1_DbjbOTRjduKvoQS-Dd5s8eDk-QmLZyDOHhqqQB7_5YrKdHFdZyIqOiBVEXEqqqeLk-nSvV_tm7qleLqPsFbxhHqOpj4ZZ_6RgCFpKPZ-WXVpgAB-yNd30k1nN1NJY9ALewzDJVw80jhAQyweANPA7ws0VVRVCwl1ph_OJRacrAo0-ZHxA3I1td-2LiFK1_GI1djhJN4yXeO99GJWDc7wNp9caSUVOqToMRDSNbk-gP0qrI_-O2j2A_9Q9Ac_eTS9_qG0ESgPqznD3a3ESwNswmUu042Hi5vslqsQbZaHb7qxqMo6CuYcEMWIrkTT9mRO54mio3phNvtwlDGj2_xzQ4pC_78cTYl1i8l_HRpvPD6XwFx5iB9CkV1OHL-QL1ga3ENQ5-IHINiMiDQDVD4QV3jbSk3q3JtfaEeeQimx4FJ3zy34x_Ql-KIZ1hJem5vSeDPXfcblGVxfdb_R1l1nSqrFcHFNVX899hxzXCWpAtyTT669CFKnIxFhiALBLWmLEfmK4MlaMQuDQLxuayKSG6nu4FM-I-tHeTAT_S9SndS1FI7l6oBBp69_FrVZ8Dl29jhyliOSGh7TUMmgsWxFbzLM1QZHSxJI-muOUi13vmd6uUaq342LYOX9OXR4nTPphUJpgqk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  345. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  346. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  347. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=UIWALQaaMYfaQXG0OHnIxh2nrrmuT09RJhF0RRlpxSWMNZS_3loDZA3b0XfdmdGctw3mxU_lbFr-Pz68G8zX1d2JZGEcNlgWCAWFCXknHz0wOVQQaA4llB4XiH6kdH8tnnrOfZo7O7kQBM68Eri8PopzWL2Bk10OVZJNBHErbhWwXxp4Bd9x3MgZKffDrhjPB7LasXwI4eNw2MjUiuPGqVeCc820_QGN1Lh0UePmgRbibpNd7FqW3rT0VlA-B3HRvhX2bYbxcub11d7wQvIklf6xLScBEgvsg5NZmll5fuGki9er_JL_e8GICbP4ptrKInnLaCs7FfHlPpjaWloGim2j9vkKsvsoq9rMJhJM-lezI9GTqyqjtRyYlLrhZcW6pHw66Koib_2dfWyge4N7J6HvWMOF6qOwNpPlhgEL9aXCuPr2oVHVRp9xpeWF7pKUttx1JIQfRDIfQvK34GGVLNdTu9MopiTi2sC2quyIaFLa2KvbckSStQjNtb51kU1yBTRMnMJyqcSSgMXR84Gdueg9ciWlCrFe5bQVsg_LEUpwKyHFfaEManKg0bPS0419bP6v9oHn42kc3QacbTwWYTyKDMjRx8fSqH6aQrMEqCd9EeckTA4qCmOqvfDNTcE46YdbU7L66RB9JRRxjq9zfdXUOVups_E0VsTrcfC8_MfNeFAAnuEA4-Q=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  348. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  349. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  350. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=6suHxVQhH1x_drvmBiGR9HWMukOj3e9TRspSfPwUbp313qrwXtKkgC0w3lW3kEC8M8Zck2VHDteoEj1dJVT7puKKeGFaTP9O4MBblf8b-01UZgMccKibD44v02pT3iSjdV6e-Xi_h-ezFnQKbMVK-7rfpeenpAQTXW4A3lZukMGWlVA_DfzK5kUGDrFxgkYJA-5qYcgtQnH6d2REFlQzNZG6XW20K_pZ8EIHMdIJiKzguyLMnbgCX20rjIAragGn5Xzq34Y-1CyFaFCbu7ZRUvPnEPpeL9SQyuYJ5OZx-iKag4GRYaNssuh-rfAtifVx42fxTIU0FnkbLgmt251gcjWu7WJoJNv44Pwp3OwsLfiw9KkJ_jo-iDaqgZaR_9c-_c2mNNVQL9sIXgOrHoA7rJvkjNtgxsysHXWnCQzX0Gtes9Jelwj_CGpCaPBitt10sHYXnAdcFXmEhcZwomgFjRxJZhhbaa1PgvxcUL1B8CNCVUKooTOYkY8zSf7jqMPcMj6Dm0fKi3-7acER9ZLuWTwvOxG-gbbpK7QcxN0xL30Rr62UZmFcnSH3hHB76y_GEjyrmmF7lrPxwmgIDmJ04Hb0WRusKByq3sQ060X-AgMLHr2JbJNfr5A7_PTPPdBDPqcfyCD2qGMVDQmLHmaYbJtjc5DhcvANYZL00kK0xO3L49XpAUuPwKk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  351. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  352. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  353. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=Q-oj8Jz-tQg4XrvynQ10IyVImupDpq8p8wkEcpOEoyuJBq8MHXYaXQk_Y9LB3jDHKQ-ni7A6C4ZR9oQVwBe-JmDNgPsNgxuRbYjw4_eV0P6Dw8X7FYWYEn5MoVC6mb61CAToGICjMgbAZVK2jffp6i2IbyMQeDqwuXOkdMWED7rXfd3MStOAukfjc1SbH4Hcp22sqrYo9lw8wzdtpKb-0T4vmbWe3l-ume2VVX9aXT2TqOfH2-56IURRDeA5UZTJgH1aNLrx93R_PE6GbIHqMPONfzoaxL5-HTfO5F8FnKIUCe2eOLzySUflDMR1Y7ZCmbmGV1Isc1m19Oqx9RGdbZ9-IuvR2X5KSCm8RLTjYPcU3cLlhWvOxtiNA7YYgbkfle83Avad6XxCQmM-kM-GQ7BnV6MpAmUNaULOiJMszp58mPoRe32x1qzLfq_SBWf5EGJ0kzAt8jC2IyoYSQBXz-G8BFjzRhVATprM3VmtFkrnTyVv60Djc-He70LtaCEJHoMXvW6sJ0VkfT3ipvCOe_FlDST00hTiyg2NJxx_tGdJOmX4k5PGvujUcSYrajwpDltkFvxQIzNjnuE3IMT82eoqiAMqXlSDXSOzMcDH_YGfUb3-lT6LCCy8RBjzhUnc1MSdPYnH34vgCGqsRT7u3IygeN6aJhNIPHmcauqk8NtO0YupvlyhFr0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  354. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  355. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  356. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=mATsZO621QpazSEN8RfL3oiY-xarSTlqBIDfiLPz_fpFOv3v3ndKUhNNkuhnYReIY96CzcWhyqASqmNqBGLiA105yUI_t10rNUkhVLewinIT1PCYV2TovjoXKoQqlvsdEOIB78RLyvDHGcXMV72pumW0JBA_PmA51KxYqwsi4vlkkbFK00SgUB4dNm3LVId6Dqrd5MsU3ur3RogiXYiQYpCTl2YODnfnOFoLjwXCA6B7bjsFkRVjxttQzHZC-XBknNljs-1B35UMjde4emHH6gG6vNVQIf8DA19urAv6l09lkI8Q0BXPG425qX4YNz1CJ4tgcGBrB3lOxwc9LIOKUpqtAFHKeV7S067EZudxokWU8FYZqBK9gC9iwEA0Y_6RtSmOXgrWPVOrdQ-tFvevuLaVjbmK_Yw3hNdxMQPm1d6o26AHWSlgQ9RaDUS4k8PP604twng5ePr6sSctorCRU7Y_jRHLPURJBu3dNIbnK03bJcI-7aOTuSmW_s1WeWj18fxXhGnQ7wzeE_M3lauox9ukzlhCsuwD76Xnti0ZQ5XLBI-6Dv-x8MkTxynKOT4eqk61B3x11Ln4jF3iR4m9DGd_VWqEBDV1qoTnJ-eaEmkLWxJRBHxStfinIAEM_ESRy7tIaQcIjB2dDs-rx7_0i1Nh43OVxX-LwxjProszozURFNxq_Vx46uI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  357. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1549 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
afu.php
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
HTTP/1.1
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
543c1ab975494e2ada2b15256a0fab3616363bbe76680ce2a64eaf35425eab95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

Server
nginx
Date
Tue, 16 Nov 2021 10:35:32 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
Timing-Allow-Origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: http://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
HTTP/1.1
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 10:35:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 15:10:21 GMT
Server
nginx
ETag
W/"618a8f5d-7ea4"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=uJPjej_d5luvPLEfqw0hdPnJgU10nZBnpa1-D-PcCSRGUR6luLEb1OW4xIk8EXvHuHHk5XaZlpV3YgxcbJAzsDc152w5bzUA-OG1O4c0Fzdx4MlZmA8fyBMGNucVuHzOKY5BqCweb9fITAeEHqLvwrsr53nc5JZevm-zPVO74cAIvGl8XeqGaBkI_WzstnRo8vbVoH6TzRexXCQUH4B7KC8e_T6Q9ZQmTX-0NTBsTe2eMYW0sPJvIBOjQScOhyGBuqVWtOvce0gtth8XdbFy0Zzzt1cr0E8D5tnW8f2SZW0pw6ZzaNrjap8Nd7UIhE5a-bow1uxOnSEjetzrYNz1M1y0XQGjz6vdq4Zebc3CvQarZ7ilcXIzkvJznYAsr5ozDBa4D_afOSdwYKtzQgk4D0BzDotAipEaaxEBB_ZAp49TM2NlrcgZkk-Cmnkx23pq__fHanM6kDNBcRbdvl8qLB1OcKq4hlGsJlYoHFE7mEvnJyzwJXIXALFCaan4e5VcaNvGHRLvfNIdoOCAup9an7koLmxhaUzvJalLbf3uU-JXifritfnuYGlMC3k4MYQs4WQG7E1W5vwUFaKSvA9zQi-OTJLdgf8WFJiNaaoqFuMci38NWGFbB79gl49hZmgMXG0M5PZgjVEiar5pB4l7SkKnQEuSLWSQHQr119lvd6zT6A-eFaXH-_U=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&2
Requested by
Host: kneeansweras.com
URL: http://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
721712868277e89178a6b3f2399d38fc01e7f246f8162153d7e3be9d0cb9bf55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=uJPjej_d5luvPLEfqw0hdPnJgU10nZBnpa1-D-PcCSRGUR6luLEb1OW4xIk8EXvHuHHk5XaZlpV3YgxcbJAzsDc152w5bzUA-OG1O4c0Fzdx4MlZmA8fyBMGNucVuHzOKY5BqCweb9fITAeEHqLvwrsr53nc5JZevm-zPVO74cAIvGl8XeqGaBkI_WzstnRo8vbVoH6TzRexXCQUH4B7KC8e_T6Q9ZQmTX-0NTBsTe2eMYW0sPJvIBOjQScOhyGBuqVWtOvce0gtth8XdbFy0Zzzt1cr0E8D5tnW8f2SZW0pw6ZzaNrjap8Nd7UIhE5a-bow1uxOnSEjetzrYNz1M1y0XQGjz6vdq4Zebc3CvQarZ7ilcXIzkvJznYAsr5ozDBa4D_afOSdwYKtzQgk4D0BzDotAipEaaxEBB_ZAp49TM2NlrcgZkk-Cmnkx23pq__fHanM6kDNBcRbdvl8qLB1OcKq4hlGsJlYoHFE7mEvnJyzwJXIXALFCaan4e5VcaNvGHRLvfNIdoOCAup9an7koLmxhaUzvJalLbf3uU-JXifritfnuYGlMC3k4MYQs4WQG7E1W5vwUFaKSvA9zQi-OTJLdgf8WFJiNaaoqFuMci38NWGFbB79gl49hZmgMXG0M5PZgjVEiar5pB4l7SkKnQEuSLWSQHQr119lvd6zT6A-eFaXH-_U=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:32 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359455fef529ae43ae989e0620d4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:32 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f8b209c1f557526e6cf6236cff71a9216880add826b6624d3b30c13b9e262e46

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=ly3a3YMAkMtAYCO08PLwjRn2H6ZMRAxor3FsGYZ40dkyN-hjZoYUtXnh5xhFiJ1QXSCcDutPXfE_0oCu0bp_rooTvBC0Q1mtG36uxFX_JvTiQ8JU2TIl7OU-jh0oYvnTAPTNEbv3yVbQggtceCNU2-6dwB8ancfGQ_WFqec3wsrInjDBmAYZnrgG2hNkE8ZrpweyXDZes9kD6MwlqQxuYG_vTalQeSDh_4ddTTtu2BrNBTJMLBs1JvSobqntpYPpSbtB4zQEa1X6I4HQn6SOpvWovEI-RyKn4UJIAKXTMkpVf_bqpp-zEZVFgPzMJeMTKRC9vqS90zlUoqju0Kn6TKU27sVwyrxjI2ESe9szr9YEMJ6YN6Izr-38g5EULXZ-kKg5wAx9JxPAqTDruEncFiJfZ9Isauz5djG34VX4IesJeVVfhzCp6HcGUNw-I6gFsnmHaYGJYgRKuQ3NbDNibIEMXmY2Da1OhOImaxZSV9DioEi9NAGXePONWlW09GO1HTLPLilp5Msm1Y8O4LE0TQWGF1VcfrWs7MpFAptQ3BiqEircxKIIjUhkvyob53N02yXButd2S9LiQzJW4C4LsfU685x3RN4EIknToLh64zS9OBvY-UrTpbj1U5HOFvECYmzA6_zPussEZcYlu7RdEWpsAhdYOix_CmS_CxcloA7d3aJwfxQkpMQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8284e1cc14319682439c34e90c567532881e1dbf50964d704545f5cfb9ff70c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=ly3a3YMAkMtAYCO08PLwjRn2H6ZMRAxor3FsGYZ40dkyN-hjZoYUtXnh5xhFiJ1QXSCcDutPXfE_0oCu0bp_rooTvBC0Q1mtG36uxFX_JvTiQ8JU2TIl7OU-jh0oYvnTAPTNEbv3yVbQggtceCNU2-6dwB8ancfGQ_WFqec3wsrInjDBmAYZnrgG2hNkE8ZrpweyXDZes9kD6MwlqQxuYG_vTalQeSDh_4ddTTtu2BrNBTJMLBs1JvSobqntpYPpSbtB4zQEa1X6I4HQn6SOpvWovEI-RyKn4UJIAKXTMkpVf_bqpp-zEZVFgPzMJeMTKRC9vqS90zlUoqju0Kn6TKU27sVwyrxjI2ESe9szr9YEMJ6YN6Izr-38g5EULXZ-kKg5wAx9JxPAqTDruEncFiJfZ9Isauz5djG34VX4IesJeVVfhzCp6HcGUNw-I6gFsnmHaYGJYgRKuQ3NbDNibIEMXmY2Da1OhOImaxZSV9DioEi9NAGXePONWlW09GO1HTLPLilp5Msm1Y8O4LE0TQWGF1VcfrWs7MpFAptQ3BiqEircxKIIjUhkvyob53N02yXButd2S9LiQzJW4C4LsfU685x3RN4EIknToLh64zS9OBvY-UrTpbj1U5HOFvECYmzA6_zPussEZcYlu7RdEWpsAhdYOix_CmS_CxcloA7d3aJwfxQkpMQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:32 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:32 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535924b64b8c6dd402c885083d099&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
01a11bd26e721f16af05ceed28458fad8df9f5ced8af38c93801547ee05f0e9c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=yuKh0Jy8IOW2Sh3SMFnZfwBya8IcR7p6VQq--ZYGkOXruK_dOl0tirIej56S2U-oqbcpj_DugZBdfcYHGwITz1MqgUzMbgifJJeg88tIcjojCuXsRcMeQnQTNHXUTKs6BfaXowudRySNPMtkaIVa_uFrGWK6af0HBnGLD_2y_v7NaTG_kZkEALgtXK1Asd4yl92PZaU2o8g-JxLm1uKtA0aTit3eeJW3T_BQ4Z2Bbfnaw1WkvWvdgkFFUW-R8Ruk3doHI1f6_p2Ahq060tCMkLb6ge7UVBjA11IrkMxJRwp_eDnD2AhzqNOxMjag76YaPCTgNr_D73IycYRswwqJgxrdsq_RxLkEs6CwKIkso5AV9QiNLpaRcUjXyAP0oYzIaWUz2jjOvcUfxEb0mwvlmuSp-STcm4jWv9TvEj1rxQcIwlLzYA9_TvB0BkmgozUvnB6PDYypu_Gu2QOYCWy86-VJ5ei5WagiL0MwYAEjJotmzcFYn_43g30DOWo6saIdNvpC-bRFAg9kEkm2-LIU6yqVAgGvsXfsO1StoGyCXytkAnnGLQN_xxRwC8vJY6CRwsWaNJoRsAMiFv7fAPRbU-KaDotdwSthfkoDR_XuxJngY34hgtdHoFKPWnfX8089ZdORi6ue6yVt5TgxGw1rxZ5sRbLnxYgYgalv7rtPmrIb1LflkJj-_Nc=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
986c8cccadb85d1ad9eeee9229fb4eecf2c708abca286af423e001cf3e39b491

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=yuKh0Jy8IOW2Sh3SMFnZfwBya8IcR7p6VQq--ZYGkOXruK_dOl0tirIej56S2U-oqbcpj_DugZBdfcYHGwITz1MqgUzMbgifJJeg88tIcjojCuXsRcMeQnQTNHXUTKs6BfaXowudRySNPMtkaIVa_uFrGWK6af0HBnGLD_2y_v7NaTG_kZkEALgtXK1Asd4yl92PZaU2o8g-JxLm1uKtA0aTit3eeJW3T_BQ4Z2Bbfnaw1WkvWvdgkFFUW-R8Ruk3doHI1f6_p2Ahq060tCMkLb6ge7UVBjA11IrkMxJRwp_eDnD2AhzqNOxMjag76YaPCTgNr_D73IycYRswwqJgxrdsq_RxLkEs6CwKIkso5AV9QiNLpaRcUjXyAP0oYzIaWUz2jjOvcUfxEb0mwvlmuSp-STcm4jWv9TvEj1rxQcIwlLzYA9_TvB0BkmgozUvnB6PDYypu_Gu2QOYCWy86-VJ5ei5WagiL0MwYAEjJotmzcFYn_43g30DOWo6saIdNvpC-bRFAg9kEkm2-LIU6yqVAgGvsXfsO1StoGyCXytkAnnGLQN_xxRwC8vJY6CRwsWaNJoRsAMiFv7fAPRbU-KaDotdwSthfkoDR_XuxJngY34hgtdHoFKPWnfX8089ZdORi6ue6yVt5TgxGw1rxZ5sRbLnxYgYgalv7rtPmrIb1LflkJj-_Nc=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535f5c3f4b61e344000aff5ba6aae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fc8272c2aa6f5da304805b3886ec0e276dbb46f9c99abf3b8fd1d8838f909161

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=hjUkflamZQ-_8VglSAGw8NQq9DSofjRSK2WOHUfF-FFusTHEQtc3rU8pZLnZr3lNp1PbUYp3ikYzfDrMDvabeu7d7_Uu4PeUhKDUVua30TM8wMrpWMFNpMXCm5ZKdVF3rIw-x0V99mvY9JaNJI2sgLzglbD3iIxIsWPeIVqb4Ih5enmBKFGlHtQ48rDnhT8i640sNsUpGJdZG3JcRK6CtgGQRo9ZcW0je10FYoCuO9N4Q35FQ6avMt8pVV5d2ci1K3Zy8OtfiFKn6Iq5NswQBFIR2znCIP3jEaEuWtBPbVD-_tuHRMRZHHHrsncZRZtXNITlc29HzxHBQKoutiRy5cigKC38_0RCfFbQz7U-fkpsHX6AnBpp5cqxLTp_d9PtNZ2zxvE5XPsVhboRbdU6mEVac0Q0gcNGBnvsVRKHBmQ_L827pcznoAFjlLCk1gvuqUrs2fVnAih4EpgGZg4Ish5xGMJg2hUjD89szeIvwpURVqn6EDT9s_0_zYCht54U1VnBlFLzpS5eXO4vTLNGGWaG1jh30VV4p28yX6iOexj17CBWXOl7EJGzKF15Zbf-vGxxQrLvI3JoOCEulsjmAt_V2fFDYdIrkAefpKDu10EVoyLHOtEPIg2yjVWRhAMRiirYl2Bdn_McAHaBpZ-_OzaNdWwXK85JAZYEgP-2rDMg5udtN4Zd0WY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
097d92e769a5e86882d4ff243f94151565a700f60d241c3fe6a15c38579d414e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=hjUkflamZQ-_8VglSAGw8NQq9DSofjRSK2WOHUfF-FFusTHEQtc3rU8pZLnZr3lNp1PbUYp3ikYzfDrMDvabeu7d7_Uu4PeUhKDUVua30TM8wMrpWMFNpMXCm5ZKdVF3rIw-x0V99mvY9JaNJI2sgLzglbD3iIxIsWPeIVqb4Ih5enmBKFGlHtQ48rDnhT8i640sNsUpGJdZG3JcRK6CtgGQRo9ZcW0je10FYoCuO9N4Q35FQ6avMt8pVV5d2ci1K3Zy8OtfiFKn6Iq5NswQBFIR2znCIP3jEaEuWtBPbVD-_tuHRMRZHHHrsncZRZtXNITlc29HzxHBQKoutiRy5cigKC38_0RCfFbQz7U-fkpsHX6AnBpp5cqxLTp_d9PtNZ2zxvE5XPsVhboRbdU6mEVac0Q0gcNGBnvsVRKHBmQ_L827pcznoAFjlLCk1gvuqUrs2fVnAih4EpgGZg4Ish5xGMJg2hUjD89szeIvwpURVqn6EDT9s_0_zYCht54U1VnBlFLzpS5eXO4vTLNGGWaG1jh30VV4p28yX6iOexj17CBWXOl7EJGzKF15Zbf-vGxxQrLvI3JoOCEulsjmAt_V2fFDYdIrkAefpKDu10EVoyLHOtEPIg2yjVWRhAMRiirYl2Bdn_McAHaBpZ-_OzaNdWwXK85JAZYEgP-2rDMg5udtN4Zd0WY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053575d58ae2cc2c439c95f71ae906&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f9c5c029d4df4ff768da0b94c3f397ce13cd8dc69bf6bc3d1d28c65261c5b076

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=Y9mKqUOTlnKYD50gVMd_sGRPbiZ_VQrMgxFh8zi1qqV-QekQ01IjeRfrC-kZYpz1B5Iqwrs_xHsCyG3yKd1RAlZBJ_f0WT4sVdCNqcgPf4XHyKIxlwH3aoZHw9TEDg5gZHTTHVfkpAVptF2MH3qq4_XZRT8JsrMNSGm6mT24DsHfiLQ473YwR41JG5_xUndS0D-yUiOG3e7JgeYqwz4zk5O79Oil7MMe2TUm1SkyfZACpxv_XYE-_IMOKb0cbM0So8EspGYZvLOH4gRAcjpJfYLAIhINgjUYT0c5rk7XYbBlNVsrWFVT235XllcD4GUoQsOQjrrDAPZDq6fbH90gdqwGlt7MpJW9rRSad5CApCPeYEUqrB0n8Wm7psI320LFM85HCmnfkge_69SKNucOCf_R6S-A5QVFr46_1w_poFiNoo0HJTZLluCBTMPXIzajbCoa0pWXRGy5RwfJBUbdcSROXTu6fpg2SNeNZN3FA5wRk3L8xrT5gnK05L55IyHnUFVTONGhQBFhAF9UWdrHAgBFfJycnTSjhNXjh2Phc8pFeRhuB9bYlXauEg49stwgNMpwb5k9BHUS0AOvR8UGpXHucHzEOO961FnDp-BN7_4_JFk8f3YTRS7aryky5xaJcbe7h6PL_rKG83PJZHurqvhH1P1MMRBDJ2Y3kX4fBpu5UtfRFPts5Fg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
352fde961e8b9fba10370d0de73b17a98e35e28db3089e7665bf9de5d77c1f02

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=Y9mKqUOTlnKYD50gVMd_sGRPbiZ_VQrMgxFh8zi1qqV-QekQ01IjeRfrC-kZYpz1B5Iqwrs_xHsCyG3yKd1RAlZBJ_f0WT4sVdCNqcgPf4XHyKIxlwH3aoZHw9TEDg5gZHTTHVfkpAVptF2MH3qq4_XZRT8JsrMNSGm6mT24DsHfiLQ473YwR41JG5_xUndS0D-yUiOG3e7JgeYqwz4zk5O79Oil7MMe2TUm1SkyfZACpxv_XYE-_IMOKb0cbM0So8EspGYZvLOH4gRAcjpJfYLAIhINgjUYT0c5rk7XYbBlNVsrWFVT235XllcD4GUoQsOQjrrDAPZDq6fbH90gdqwGlt7MpJW9rRSad5CApCPeYEUqrB0n8Wm7psI320LFM85HCmnfkge_69SKNucOCf_R6S-A5QVFr46_1w_poFiNoo0HJTZLluCBTMPXIzajbCoa0pWXRGy5RwfJBUbdcSROXTu6fpg2SNeNZN3FA5wRk3L8xrT5gnK05L55IyHnUFVTONGhQBFhAF9UWdrHAgBFfJycnTSjhNXjh2Phc8pFeRhuB9bYlXauEg49stwgNMpwb5k9BHUS0AOvR8UGpXHucHzEOO961FnDp-BN7_4_JFk8f3YTRS7aryky5xaJcbe7h6PL_rKG83PJZHurqvhH1P1MMRBDJ2Y3kX4fBpu5UtfRFPts5Fg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053585830a93bf0f479f98d9690140&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d29574f293606d8ab13b68260c73667d60731c2931bebb197f3909e05c79ffbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=I1SzTRhmVR0u_Ere0ozsORUJOnzreYhUfLc_ueeCaMz-oaWJQQj4Cm9y7sdTURvGlji4kAZChQm08WsqABm9g4zwIARG1FRTOv6Drinb1OvTONPAC9B1hJ5Nz5Ve6OoY-iTcyuKrgd6qnfIZK-xBtSvCvMgLr4N3qG6rQmMeNe6obOw62uzepMQfNiqcF1h2oGazdVAkivxAQfy00VURJJ6jpEq1A3WXhopMwXkln2pA-BNqf5lktxD1VFNOQRPyW6nZ6aLc4zHG1NJUVPZhKX_BJKcyoQ7hjxU_m5gMpujeqhFJ9x5YSyf7xP6udZqCac5MIuDowip7XHcqx62JQCPMG2mC58wfURMBSCEs9WFLUVU0rAiMA86LZek3AxfkC3m-qmeo4dIpvQmyOz71DkpNgR8_tcrG5Cba1Uf8bmo0WqUVz8uCEgpFNLhszuQVR9R-jOG16JEdvPLZygy6sn9EMyjhXyNi7XjvY4M_CsqvpjDfXFjxS5owJ_CWixoU3ws2UkDHkViNT6V9Zq4yz8ZMQw-ddgW-w5lgg65oXKlxgDhBJ5YWGAY12lrdl_wv2h42PVIA9vxm5z9GnhX4oiRxL57NbGUZG9lL_kqlBkMSkyFGHHuBB8xui55Y1AHDuDPtXWP30k0VbhIIiYrcISx2NI7_1eQ94qFPdyPpGO1SSIbZRp_8kZ8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
240079bf14f168d068e49baf97739cafed8959850b7787af03796be8a1f06c2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=I1SzTRhmVR0u_Ere0ozsORUJOnzreYhUfLc_ueeCaMz-oaWJQQj4Cm9y7sdTURvGlji4kAZChQm08WsqABm9g4zwIARG1FRTOv6Drinb1OvTONPAC9B1hJ5Nz5Ve6OoY-iTcyuKrgd6qnfIZK-xBtSvCvMgLr4N3qG6rQmMeNe6obOw62uzepMQfNiqcF1h2oGazdVAkivxAQfy00VURJJ6jpEq1A3WXhopMwXkln2pA-BNqf5lktxD1VFNOQRPyW6nZ6aLc4zHG1NJUVPZhKX_BJKcyoQ7hjxU_m5gMpujeqhFJ9x5YSyf7xP6udZqCac5MIuDowip7XHcqx62JQCPMG2mC58wfURMBSCEs9WFLUVU0rAiMA86LZek3AxfkC3m-qmeo4dIpvQmyOz71DkpNgR8_tcrG5Cba1Uf8bmo0WqUVz8uCEgpFNLhszuQVR9R-jOG16JEdvPLZygy6sn9EMyjhXyNi7XjvY4M_CsqvpjDfXFjxS5owJ_CWixoU3ws2UkDHkViNT6V9Zq4yz8ZMQw-ddgW-w5lgg65oXKlxgDhBJ5YWGAY12lrdl_wv2h42PVIA9vxm5z9GnhX4oiRxL57NbGUZG9lL_kqlBkMSkyFGHHuBB8xui55Y1AHDuDPtXWP30k0VbhIIiYrcISx2NI7_1eQ94qFPdyPpGO1SSIbZRp_8kZ8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535528fed0f746f4c7d955f132528&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:33 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
00df4cbb39e670a43856a8c887000bb7b3c3f6894fa4a91c8b79036cc8d0bcea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=uXiQ9kKWvMJDl4G01vSZZpvz_X2zK-CBXaJwsVl4tO32Tn2QG3Li7RSBPCOZsO0kHa-jAFaDZUVV6-hrdpNGGFimYOxuFWw5HqROOw0Q6dTlGyRC3aWS_JYjhfW9TFvYA3wKpO3Ujwa4yjivS2hDq6oqxIKQMccSlye2Fl6RBOgzmfBJDyT1qXFXaGny5BtgQyuDgOcBbVOE2OdhYcRUn3cjaz5Zxyn2-OWf1COy5AgScs5VqyDRDi7e2Y1rGACa9aQ64nm1L75L8b4-DZvIKYHOzyKQ6dWSGsayqtNkler1PP0gHJCH3xYIt-_bVe5Ql6n1PHYsY-eWr9hYsyczaGCAGP2GoXJpJH1-rEYfInl-CItH_d69m7G8s70WjpKTltsfrfIDsWGk0qXh_iqei2QC00bFjZglcb1Khj3sBRceLOtQJh6q5VRtBLhHMGG_3UGrkTUuEgsc-aHMKLHl860svfi0SyeUk8gUmUJMbfN4Zgh1d0NsD9YNYlDA45MOZyA0CojQGVuN0G-Za8-c60ryUYMf0V4v5wbXiEviamiovOdqDldmKblf9D11-PKHDCXuS5uVhs5-sMY0BHRc4Jg3Y5eaFGOs2z6tonLrodjn6jFZdM23OQHd689LL6l3zV8oFNRLBKbmJUMuoZRGC5pRlkiF2YHaX6viOSe8ygqyKru10Tw5Hzs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
33006c809531435ea8fa11a16f06b0edc27095184c4022623e2f5db65b37dcf8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=uXiQ9kKWvMJDl4G01vSZZpvz_X2zK-CBXaJwsVl4tO32Tn2QG3Li7RSBPCOZsO0kHa-jAFaDZUVV6-hrdpNGGFimYOxuFWw5HqROOw0Q6dTlGyRC3aWS_JYjhfW9TFvYA3wKpO3Ujwa4yjivS2hDq6oqxIKQMccSlye2Fl6RBOgzmfBJDyT1qXFXaGny5BtgQyuDgOcBbVOE2OdhYcRUn3cjaz5Zxyn2-OWf1COy5AgScs5VqyDRDi7e2Y1rGACa9aQ64nm1L75L8b4-DZvIKYHOzyKQ6dWSGsayqtNkler1PP0gHJCH3xYIt-_bVe5Ql6n1PHYsY-eWr9hYsyczaGCAGP2GoXJpJH1-rEYfInl-CItH_d69m7G8s70WjpKTltsfrfIDsWGk0qXh_iqei2QC00bFjZglcb1Khj3sBRceLOtQJh6q5VRtBLhHMGG_3UGrkTUuEgsc-aHMKLHl860svfi0SyeUk8gUmUJMbfN4Zgh1d0NsD9YNYlDA45MOZyA0CojQGVuN0G-Za8-c60ryUYMf0V4v5wbXiEviamiovOdqDldmKblf9D11-PKHDCXuS5uVhs5-sMY0BHRc4Jg3Y5eaFGOs2z6tonLrodjn6jFZdM23OQHd689LL6l3zV8oFNRLBKbmJUMuoZRGC5pRlkiF2YHaX6viOSe8ygqyKru10Tw5Hzs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c28a5ba172364407bbd6f506f7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b3afba993385401cc302a185cbdce2e6e5705fb7b6e2c6f5a8b48c91a3f3ee21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=86xUYpU6xB-gthhHB4r9cTgrqzoM4NSCSoXo_QixYzaZFZIbw1X-FNEfjzVzWWSlxiZg4w0A4LvhAAr2TNBnUD-PEzDF1cHOgKpLLATI15A9CGL2nAk5CSKo2ncmg-YFosZvc3DrPvNcCIPLSlvzGO9DUiGGlkQuKUriu-6Cnfx3J2BB36mGbxW0CKn7r7qJHLgN49x8yqC0CiI00ZyQB8ItGJoT2ZUCXBzZ0jnJa6zdw34LLhKK1VHyaNSKQ_7wx9h1jWESUSZdEcN8Kl_kJVrYSuoslBeIiPWvpICb5qt-oICJ1Exy6in-vxPJzElP2z1l-cndt2bvckOrQytOqWivt-x3LoH6pvABfIFWFEAeLsoRt3T6um7eSVspxDJ9RctoL-G4P_f_sfd25p7g2UCmpjSI4UfMvoUdab5Bw3q8AByCG1MdK5BD4a3EMv5b_Hti7NdM3Rp3mAAwAOoztURlK09RbAlQc8gGMpxiEDdtf6vVHoVOcInEvSfCTnZ_lkEV2_mwdDxYyTax823Yllz_5Lu1-kXNW34XzBrbeS_1MbnT34jKCC7hVVfFycXSoAju2ffbGJUOUxzna-QlnTJ2yR9JHzIvJmrL-4BGDnOat8KuNESd_E8bIaJezuVcvgDCaV-G35JXBXGCOouJahb-Q-zQblrx5yJIEMDvA-EIKuUSlvhXvV8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a22f562a7937656e08013e3b104077e4369222ec0995fcf2847694de3f247ebe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=86xUYpU6xB-gthhHB4r9cTgrqzoM4NSCSoXo_QixYzaZFZIbw1X-FNEfjzVzWWSlxiZg4w0A4LvhAAr2TNBnUD-PEzDF1cHOgKpLLATI15A9CGL2nAk5CSKo2ncmg-YFosZvc3DrPvNcCIPLSlvzGO9DUiGGlkQuKUriu-6Cnfx3J2BB36mGbxW0CKn7r7qJHLgN49x8yqC0CiI00ZyQB8ItGJoT2ZUCXBzZ0jnJa6zdw34LLhKK1VHyaNSKQ_7wx9h1jWESUSZdEcN8Kl_kJVrYSuoslBeIiPWvpICb5qt-oICJ1Exy6in-vxPJzElP2z1l-cndt2bvckOrQytOqWivt-x3LoH6pvABfIFWFEAeLsoRt3T6um7eSVspxDJ9RctoL-G4P_f_sfd25p7g2UCmpjSI4UfMvoUdab5Bw3q8AByCG1MdK5BD4a3EMv5b_Hti7NdM3Rp3mAAwAOoztURlK09RbAlQc8gGMpxiEDdtf6vVHoVOcInEvSfCTnZ_lkEV2_mwdDxYyTax823Yllz_5Lu1-kXNW34XzBrbeS_1MbnT34jKCC7hVVfFycXSoAju2ffbGJUOUxzna-QlnTJ2yR9JHzIvJmrL-4BGDnOat8KuNESd_E8bIaJezuVcvgDCaV-G35JXBXGCOouJahb-Q-zQblrx5yJIEMDvA-EIKuUSlvhXvV8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c9fa8fec0b9a404fba3e516e2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
43e980c8183c5441253a802ff665a7605aa8f36872e5ec4e0f0c7529398543fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=I5YMO4KGA1A9EsRJlYr7mdjRaNjcySGsCTXAIWYPFEeQGGN2VkT44CEK6ukLfPaUlv_k4oialoU4mXhciqvp3R9WJu6Ia-cWSA0_YiH0D7Zn00xyD2_U7l3zIM4oMZzetxYmwb4R8YhSes96qLAkJCtFcRt_XsPhZ0SyZXdYGEtWISNvmNmKKFeHMjZFiipM9TtUSXWzlBfjgsty_EM_E_iVBcA6xdo5Mw3ms114cvvuaDURaoU_fBXYb3hxkb3wk7Nci-u8Swf8XJasE6rM9asYp_ZZ77g-sbbj61Hp3Nl9qa3ri-SN1R2296v-bEPMJYeFcF8s5jObSxI9eeQWheo-U0cGJ6sWdI0yGyA-bF0dnWON_yH3APal5P6G_OmPEWWo4dqVGXHndSwX_2tABRdGAKdFDlk5hS0UOD_r-6o85m8r1_l5rFhvrhUXGQX9-MYqi_xfwyQAsHgQqJaSzVlYynD_yHxXkhKz8oL2bRUSnjKzaUkbl9p8hBTRqgNyjGZ8G4kF9mLTgWmogxmznlh6qYAhZ7nbmKsiK70AvyVpK532ZYF52lpmNb4TcGG1Cj630J8cWrnTJNzBgRaKlW41RkWgbGWRnzNirrKqXjBqxmBgNp22whoZY59HuZUjoeeN8DKOpqAEp9M1cVxLsf8EgmtPKT-JfrKnsRznCgvPsxXDWEwxxfQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a8ae573aad44901b4e285db754ee5c815cd712b475249c4675a98f23ff02e262

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=I5YMO4KGA1A9EsRJlYr7mdjRaNjcySGsCTXAIWYPFEeQGGN2VkT44CEK6ukLfPaUlv_k4oialoU4mXhciqvp3R9WJu6Ia-cWSA0_YiH0D7Zn00xyD2_U7l3zIM4oMZzetxYmwb4R8YhSes96qLAkJCtFcRt_XsPhZ0SyZXdYGEtWISNvmNmKKFeHMjZFiipM9TtUSXWzlBfjgsty_EM_E_iVBcA6xdo5Mw3ms114cvvuaDURaoU_fBXYb3hxkb3wk7Nci-u8Swf8XJasE6rM9asYp_ZZ77g-sbbj61Hp3Nl9qa3ri-SN1R2296v-bEPMJYeFcF8s5jObSxI9eeQWheo-U0cGJ6sWdI0yGyA-bF0dnWON_yH3APal5P6G_OmPEWWo4dqVGXHndSwX_2tABRdGAKdFDlk5hS0UOD_r-6o85m8r1_l5rFhvrhUXGQX9-MYqi_xfwyQAsHgQqJaSzVlYynD_yHxXkhKz8oL2bRUSnjKzaUkbl9p8hBTRqgNyjGZ8G4kF9mLTgWmogxmznlh6qYAhZ7nbmKsiK70AvyVpK532ZYF52lpmNb4TcGG1Cj630J8cWrnTJNzBgRaKlW41RkWgbGWRnzNirrKqXjBqxmBgNp22whoZY59HuZUjoeeN8DKOpqAEp9M1cVxLsf8EgmtPKT-JfrKnsRznCgvPsxXDWEwxxfQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605350430a5acf3f24558aedbd11274&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6b6de88b38ee48358f51fbfd42d961c3d8da609df617edfe436d41939ece18d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=j1cu_aGLUDi7fPNGInGjt6YkOAFyOEXvVVwtM2_C1HK9mAA33uma-wRpQjV2h2AUiz1Ghbyk6pLv2_cOJ9Cz4kDJV1lQVba66rgXGHOtbYmKoUHfAi63UOkIbLJINdI_rxDW04aI2lsrxZ3yKRJ_GTHjrjyxj1EKvNGQcTFGoZcSmk1rZliZCE9tpbag_INgotwc0gOVRZWt51RGz0WtBGt7NV3WyvaGqOWTiKLGb82eHtKr95SgQ-KEYkSvgTlWkb2p-J_92flNcHQQKDbOVXh3Uuv5MDg0DRnE7hNTwurBskTo6eamSD-sT4e9YesEDwsmNeg5CQ1s89wUx49nR43XrtjINEmN2pkmVWHXbSaREcNGIYVN1vc-QzNMSKZ_p6z8Nl6ypWxTXGCati0UQ1cqLPTeoNSNkloMgvXnmL99P0LTqA8qfLH0bP8vkydEgbondIGNi4VbJlxQ2a9Ewiyuh1lErK6B_ApLI_kE2jbzSDoYbxyWZgGxC9O4yrFrf9vzqOakhCp5Wrhv5buJwpYTzm7UD2gdglciyHB_tUGV9J0DhBTFy7_RAi0RA8KfQXlJ8w9MTQiftaCDINUbbKC5WLv1dDkg_L2exHg0BggK1GJmf1kXac6pGDMqAfVSWycb_WTNPcUPmWNcBST8wT0uao-dMP0ub24uBX0FoKXUGxgnvV_4M_A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f47f05078dc4fccac927aca1229601c973d30f1c6d96e0bfc082a37b2d5bb424

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=j1cu_aGLUDi7fPNGInGjt6YkOAFyOEXvVVwtM2_C1HK9mAA33uma-wRpQjV2h2AUiz1Ghbyk6pLv2_cOJ9Cz4kDJV1lQVba66rgXGHOtbYmKoUHfAi63UOkIbLJINdI_rxDW04aI2lsrxZ3yKRJ_GTHjrjyxj1EKvNGQcTFGoZcSmk1rZliZCE9tpbag_INgotwc0gOVRZWt51RGz0WtBGt7NV3WyvaGqOWTiKLGb82eHtKr95SgQ-KEYkSvgTlWkb2p-J_92flNcHQQKDbOVXh3Uuv5MDg0DRnE7hNTwurBskTo6eamSD-sT4e9YesEDwsmNeg5CQ1s89wUx49nR43XrtjINEmN2pkmVWHXbSaREcNGIYVN1vc-QzNMSKZ_p6z8Nl6ypWxTXGCati0UQ1cqLPTeoNSNkloMgvXnmL99P0LTqA8qfLH0bP8vkydEgbondIGNi4VbJlxQ2a9Ewiyuh1lErK6B_ApLI_kE2jbzSDoYbxyWZgGxC9O4yrFrf9vzqOakhCp5Wrhv5buJwpYTzm7UD2gdglciyHB_tUGV9J0DhBTFy7_RAi0RA8KfQXlJ8w9MTQiftaCDINUbbKC5WLv1dDkg_L2exHg0BggK1GJmf1kXac6pGDMqAfVSWycb_WTNPcUPmWNcBST8wT0uao-dMP0ub24uBX0FoKXUGxgnvV_4M_A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357b36c3dedceb42c4b205f69d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
940b0ab440448510a8826e8dc82e1b362b8c4a4122d24c6936d9a52a6a00eee4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=rnHxYKx9urGqM9alRFJY9HfWAMpuaSAREfTPgjR9jd38XNm_VagFKbNLLyabwYcl9kQErnj9RiUr3oJx00jHqpYoQ_GkSgXgM3MocfKRR0T26jKKOcbMXaQtKUKURODsct5KDUygwHyi_2hb3wPgjZQ4DUJNyhfagy-7Mn1gvok9sp8myIwan03o-zPX5f5bP0OVbjdjBfgXD-G8E37Nucr9wGNgiXWPEwD9tMdfre08cV6UadBXwOkrcdc5DbByVBzSydkxjnSEFC-zr2ImjkzBKunAM-YEwr3lga0K2npqFFr6Hpnobbz1-30kuJhsWr0dlv68J-zAcfZKJ5Wz6ge1WwL6jweyTlJ_55ijoT0jhpBhRFdqhy9F1o4Y1B6dtSlgesb962p-GcZvR0MvwOlY3fvi08mIKBzJp2zBmR52hCDL51LBV_Ecw5kJ1zuhTOscRYYjaGoXEHjJftwSnuXVZ4Y_iXSAYqk3trNGOis78xi2sdzNY9IXnM-Ypk3TijEjiOdYUZwHJfjCrcERQVAEWP_291qE7St_oGwI0RuPgVkmp57lAk_iMjR-8elvRMrskLSGziFzlZsAk0BXXONZfuDteSy2Y8ndEfyyNasNrX2nxe4jCYZ-FthpY7Zk3OZGDYUJaHcf4_A4lSV3c1UCjr91FFs4PUg3Sh5ueP5CymHBRAmppj0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b288faaaf54dbb784dfcae4affb665d004cb0da398bdd05a7a4603458e7d73b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=rnHxYKx9urGqM9alRFJY9HfWAMpuaSAREfTPgjR9jd38XNm_VagFKbNLLyabwYcl9kQErnj9RiUr3oJx00jHqpYoQ_GkSgXgM3MocfKRR0T26jKKOcbMXaQtKUKURODsct5KDUygwHyi_2hb3wPgjZQ4DUJNyhfagy-7Mn1gvok9sp8myIwan03o-zPX5f5bP0OVbjdjBfgXD-G8E37Nucr9wGNgiXWPEwD9tMdfre08cV6UadBXwOkrcdc5DbByVBzSydkxjnSEFC-zr2ImjkzBKunAM-YEwr3lga0K2npqFFr6Hpnobbz1-30kuJhsWr0dlv68J-zAcfZKJ5Wz6ge1WwL6jweyTlJ_55ijoT0jhpBhRFdqhy9F1o4Y1B6dtSlgesb962p-GcZvR0MvwOlY3fvi08mIKBzJp2zBmR52hCDL51LBV_Ecw5kJ1zuhTOscRYYjaGoXEHjJftwSnuXVZ4Y_iXSAYqk3trNGOis78xi2sdzNY9IXnM-Ypk3TijEjiOdYUZwHJfjCrcERQVAEWP_291qE7St_oGwI0RuPgVkmp57lAk_iMjR-8elvRMrskLSGziFzlZsAk0BXXONZfuDteSy2Y8ndEfyyNasNrX2nxe4jCYZ-FthpY7Zk3OZGDYUJaHcf4_A4lSV3c1UCjr91FFs4PUg3Sh5ueP5CymHBRAmppj0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:34 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c2d7853a18794b538dc35ed458&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c439483362e0312db280e5ca3e09b2df1e28b56910a5a05ee81139575c204166

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=DOvMDrqLD4AbhobWU0NpZKjODcZBpk3uQ33xujFJyQ1WXnIG-W4BkKMPfyizJsa-UdmhoXFSIDe1HLHz1v5pRLgnKQBa8yrUM2bkPHggScRXY_kdfLXxPYiLg1X_so6qUZC8J3MzgUhgUe_iCTdErDSoPrNkfDcc9I7Vna5rgQvoXZ3H0vW8WPFfxKRVEwJQYZ7HtQewZ0xeGqgH4MNAv8XNAdiNSh3U63GrsHdIK1-eAkspsL_OvUh1jfatMfdO2yg0U-DKIJWO8O79a5k4jX2GI7Ln02BvEb3H_uPBqnm3Un_cCaYGDWzt7clp9gvuUxuXWMn1I1hjnwX-WMAHRECn8wAMGDrHeRhiJtGV8H54UztLfOVPMMBNPb5c-Cql1fCVu-TgIXTX3lx0X7ZNQW86WDYCansKcIG52N7kL9tiXk_DNhf9rTGCCyap3R7doXYAJh8gj55d4V9D8NlTOCxXe4dSuXRfPz5LAJq-djfVf85hcwlR-blRydklaqvWetKuvNBtDhOVjTe82iOTOwyaXTZvbVzdMDbN9PN0UFE4DEY1IlXhD5A-40KAloZR2puabbGcbENQIuIET_dtQy8HoocUw2eIZvVe7jC-R5AbJMuZmUghklfJn49zKQ1cTwxFNHz9cpwCq65OLucZISYnIansVE1btZro15CFslw4DbPd3mfx2-c=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6d28595fe796ee7f28ef1b3fba6dfc1282a0c5b1f90b6e5ea38295b224fa2c67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=DOvMDrqLD4AbhobWU0NpZKjODcZBpk3uQ33xujFJyQ1WXnIG-W4BkKMPfyizJsa-UdmhoXFSIDe1HLHz1v5pRLgnKQBa8yrUM2bkPHggScRXY_kdfLXxPYiLg1X_so6qUZC8J3MzgUhgUe_iCTdErDSoPrNkfDcc9I7Vna5rgQvoXZ3H0vW8WPFfxKRVEwJQYZ7HtQewZ0xeGqgH4MNAv8XNAdiNSh3U63GrsHdIK1-eAkspsL_OvUh1jfatMfdO2yg0U-DKIJWO8O79a5k4jX2GI7Ln02BvEb3H_uPBqnm3Un_cCaYGDWzt7clp9gvuUxuXWMn1I1hjnwX-WMAHRECn8wAMGDrHeRhiJtGV8H54UztLfOVPMMBNPb5c-Cql1fCVu-TgIXTX3lx0X7ZNQW86WDYCansKcIG52N7kL9tiXk_DNhf9rTGCCyap3R7doXYAJh8gj55d4V9D8NlTOCxXe4dSuXRfPz5LAJq-djfVf85hcwlR-blRydklaqvWetKuvNBtDhOVjTe82iOTOwyaXTZvbVzdMDbN9PN0UFE4DEY1IlXhD5A-40KAloZR2puabbGcbENQIuIET_dtQy8HoocUw2eIZvVe7jC-R5AbJMuZmUghklfJn49zKQ1cTwxFNHz9cpwCq65OLucZISYnIansVE1btZro15CFslw4DbPd3mfx2-c=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355bd3e2c2b71c42f68f83fdb882&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e6b374bb60c67a6a67b2a9f2be77fdd22c4f93e181744b59dbfd9daf9d2934d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=x1eq5fqGPubKdXQBL-bEasdORIzuD0UrFL2cu-9PSVyBawOg4NjPtMIO3WoE9dFZy6asOq8I7OpgRVv94hT072LMKlrXzG77hwsacwMQozeWKJ0RBrzbUyLBKs_QkTmIwPPqd_JbgmhWEQK_vS36g3T0ojL2jnsLNsqr14LYicKqKk42HKDsnUCTBL8xFFPqotl23XsDSU80bztgmpKVTOYvWcHuwB9VfBiea11RsKbz16zrrVaJiKpKA7YHoTnmFrG-uy4kJIX0ara7Y9Pgo5pmqJUP12HVaFuf-mO_nX7JDcnn_48Z8jEOmMToKZFYoQuqUfldv5-uTp8j3NPh08AmOWJaSnhZbYs0nm5lefOmXmpBezKniH1nPjXWXX-xpRD9Q_pazQ9y9rvo8LPsF_cY0Y3ZnLNVqoDOLZXchMp81s7r7d2nrjV_krVCOVhlD8CdAP2LXGIOidBDOSecU0Y9g6wGOVAjFYCn-5A4-of-Hl8Vwx2D5kCMcBPFTekRBbUeAxdrYUOKtFfPNV_fg3Bgm9PmCIete9o2jiL10t5GORpHMygTGCO1_VaY-vK4cj486m6EchrZ-ELs8cK_jM6qvYp8wFD5tWTsTAAWqYBi1APnE7avExrVpJ1zCFVL3HrNFrNDV7DZu4MiO30DatcK2x9dpgBOGL4BXiRlaThg48BsR6rv218=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
56aac09ca0890965d4166a20b1648abb5448c218f400dfb18d51195f7c79429a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=x1eq5fqGPubKdXQBL-bEasdORIzuD0UrFL2cu-9PSVyBawOg4NjPtMIO3WoE9dFZy6asOq8I7OpgRVv94hT072LMKlrXzG77hwsacwMQozeWKJ0RBrzbUyLBKs_QkTmIwPPqd_JbgmhWEQK_vS36g3T0ojL2jnsLNsqr14LYicKqKk42HKDsnUCTBL8xFFPqotl23XsDSU80bztgmpKVTOYvWcHuwB9VfBiea11RsKbz16zrrVaJiKpKA7YHoTnmFrG-uy4kJIX0ara7Y9Pgo5pmqJUP12HVaFuf-mO_nX7JDcnn_48Z8jEOmMToKZFYoQuqUfldv5-uTp8j3NPh08AmOWJaSnhZbYs0nm5lefOmXmpBezKniH1nPjXWXX-xpRD9Q_pazQ9y9rvo8LPsF_cY0Y3ZnLNVqoDOLZXchMp81s7r7d2nrjV_krVCOVhlD8CdAP2LXGIOidBDOSecU0Y9g6wGOVAjFYCn-5A4-of-Hl8Vwx2D5kCMcBPFTekRBbUeAxdrYUOKtFfPNV_fg3Bgm9PmCIete9o2jiL10t5GORpHMygTGCO1_VaY-vK4cj486m6EchrZ-ELs8cK_jM6qvYp8wFD5tWTsTAAWqYBi1APnE7avExrVpJ1zCFVL3HrNFrNDV7DZu4MiO30DatcK2x9dpgBOGL4BXiRlaThg48BsR6rv218=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355cdf98f248e748b0af5387c089&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5348b773ee921e50dccb5f426875330cf926f4fde5340af4f05563c6bbf3fddc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=Tg4mUCw-gFKxKmtp8UhAaKcS_8MUsbiFumSuHs1jcYmzIbIkkElRbONLuDgPQas1gWX0GP6gsheSAuvwzYD1LENRj1JtUR5GMXqisrVVdpMuGfQ_ejoffEBG6kBkozvA9Kpx1arKR6DrljILBSLPDum0efhYmEgZ1sT97gj1F2bd2_cAqxfpOiwTvgyW_eEuXb4O7m22C7Ikip2CU8LQ813a2H_IP1-_IxhlEhcKBEvu693yGlxDZzU9dJ-BUS4cW-EDrqLP1eFamVR2M_xfabcm3nSW-FG_HSu1bNA7XBgMuq-CLnK8AazGERyHK8g8e4hw-ATIG97UnTyTFDOx5SKqmyV7-wLhVkzj2jNBu6lTIRFNMEEeuB9lv-lLQjmoUTOv8Zo8E7K8jzFpgyvYxoz1vpJfVQZATZf3YtDKZnm03rUaFtOggysxTqFU5hPQe9kmdhZ2o8yYGiNOtg9HcgijlzFDezd-ZuY6SUakh4NQ56arvEsz0oGgvh1pwMUrPqHX_ATH2h1JqA_edfsf9b2wwaelAni4u-rj_ohF5iuJztT34iQms1atH5ZUB6j8uVnzIUKp_YnNMGJYojtRGUDnWaISLnjrzjEB1VDQlYfxrDhfg4EQYjxncA1gEPokG4UaQpjwU1Cwxh5hRbNGI-BR-1enApiaqeVWfaK9YyJiV-iBViqFfjk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d5996ee7490bd40087bdb69dca39c26e4faca71a6295c6092cdbea34de53d262

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=Tg4mUCw-gFKxKmtp8UhAaKcS_8MUsbiFumSuHs1jcYmzIbIkkElRbONLuDgPQas1gWX0GP6gsheSAuvwzYD1LENRj1JtUR5GMXqisrVVdpMuGfQ_ejoffEBG6kBkozvA9Kpx1arKR6DrljILBSLPDum0efhYmEgZ1sT97gj1F2bd2_cAqxfpOiwTvgyW_eEuXb4O7m22C7Ikip2CU8LQ813a2H_IP1-_IxhlEhcKBEvu693yGlxDZzU9dJ-BUS4cW-EDrqLP1eFamVR2M_xfabcm3nSW-FG_HSu1bNA7XBgMuq-CLnK8AazGERyHK8g8e4hw-ATIG97UnTyTFDOx5SKqmyV7-wLhVkzj2jNBu6lTIRFNMEEeuB9lv-lLQjmoUTOv8Zo8E7K8jzFpgyvYxoz1vpJfVQZATZf3YtDKZnm03rUaFtOggysxTqFU5hPQe9kmdhZ2o8yYGiNOtg9HcgijlzFDezd-ZuY6SUakh4NQ56arvEsz0oGgvh1pwMUrPqHX_ATH2h1JqA_edfsf9b2wwaelAni4u-rj_ohF5iuJztT34iQms1atH5ZUB6j8uVnzIUKp_YnNMGJYojtRGUDnWaISLnjrzjEB1VDQlYfxrDhfg4EQYjxncA1gEPokG4UaQpjwU1Cwxh5hRbNGI-BR-1enApiaqeVWfaK9YyJiV-iBViqFfjk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535279344d09873439db553e22dca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b3c39809d3bc3213d946307442df8e04e135873ca063ccddce5e6ad0f8449a22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=PJUdWpwG6LYbf3iGDtWQ890D1HaF-EEp7HCzXg5rIzI1pf2NvLjx7mjiJPZfzF8VUHGG2-nQsZ_x8GejAUMJUrWCwkXeQS9em-zN90xBO1ghnFwDRecDSIYS_hfzc7MOqEDRVytZ05CER7tL0gL4ZQzJxlCIE--7xrhW80YfADRK6sZV83WAcs35EwqaMr57x6XPCAUUKxt-WdLATsMxPfT9gaqremaz8uCakkMQwyJje4M4JgrCNISGgvl6vpGb5BGCkeil5XvuQ1xasxqfxq0l5-ZLicDMHO_j9ZEmU_SRLtpuScDVt65BrCnrS3td52li3OpDuHa74v8KdUZ9FdpFdd0_55TX7rtrwncBAgsvJpmKJ1EL8VWxSsN7liYVHsAHKkoqmnJ3TQZGz3ZFinHUmL2ATCCW-vR__ryLM-cmATpus0dbS6H49ht_nJBTcIPHG0D0D-8Y2Az3rXt25-axS-LtxGvuzQvgEYWJeiQdaglYaAQYQZ-LLR23OQxB99QzJ5-6HUr0dTvd7Ym8PUus2AX4BC-PLgilQFrvitC3jnOrFmLI8GsY-4xoVvD7dbHQtOqimKP1OnobWIT3vEn8IHVVhJHerXjk0YTylC3YjxZq5ZKhdhedsoqtLCQ4skJW6-P4ZfNM7Hu4dzCxcFR_tPqitFtC3QfmmIZ-JljygZGgSoWFHDQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6d7f42602efc17bc998af2c762f463624c217a3d75890e4d530f0d17b328925f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=PJUdWpwG6LYbf3iGDtWQ890D1HaF-EEp7HCzXg5rIzI1pf2NvLjx7mjiJPZfzF8VUHGG2-nQsZ_x8GejAUMJUrWCwkXeQS9em-zN90xBO1ghnFwDRecDSIYS_hfzc7MOqEDRVytZ05CER7tL0gL4ZQzJxlCIE--7xrhW80YfADRK6sZV83WAcs35EwqaMr57x6XPCAUUKxt-WdLATsMxPfT9gaqremaz8uCakkMQwyJje4M4JgrCNISGgvl6vpGb5BGCkeil5XvuQ1xasxqfxq0l5-ZLicDMHO_j9ZEmU_SRLtpuScDVt65BrCnrS3td52li3OpDuHa74v8KdUZ9FdpFdd0_55TX7rtrwncBAgsvJpmKJ1EL8VWxSsN7liYVHsAHKkoqmnJ3TQZGz3ZFinHUmL2ATCCW-vR__ryLM-cmATpus0dbS6H49ht_nJBTcIPHG0D0D-8Y2Az3rXt25-axS-LtxGvuzQvgEYWJeiQdaglYaAQYQZ-LLR23OQxB99QzJ5-6HUr0dTvd7Ym8PUus2AX4BC-PLgilQFrvitC3jnOrFmLI8GsY-4xoVvD7dbHQtOqimKP1OnobWIT3vEn8IHVVhJHerXjk0YTylC3YjxZq5ZKhdhedsoqtLCQ4skJW6-P4ZfNM7Hu4dzCxcFR_tPqitFtC3QfmmIZ-JljygZGgSoWFHDQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=PJUdWpwG6LYbf3iGDtWQ890D1HaF-EEp7HCzXg5rIzI1pf2NvLjx7mjiJPZfzF8VUHGG2-nQsZ_x8GejAUMJUrWCwkXeQS9em-zN90xBO1ghnFwDRecDSIYS_hfzc7MOqEDRVytZ05CER7tL0gL4ZQzJxlCIE--7xrhW80YfADRK6sZV83WAcs35EwqaMr57x6XPCAUUKxt-WdLATsMxPfT9gaqremaz8uCakkMQwyJje4M4JgrCNISGgvl6vpGb5BGCkeil5XvuQ1xasxqfxq0l5-ZLicDMHO_j9ZEmU_SRLtpuScDVt65BrCnrS3td52li3OpDuHa74v8KdUZ9FdpFdd0_55TX7rtrwncBAgsvJpmKJ1EL8VWxSsN7liYVHsAHKkoqmnJ3TQZGz3ZFinHUmL2ATCCW-vR__ryLM-cmATpus0dbS6H49ht_nJBTcIPHG0D0D-8Y2Az3rXt25-axS-LtxGvuzQvgEYWJeiQdaglYaAQYQZ-LLR23OQxB99QzJ5-6HUr0dTvd7Ym8PUus2AX4BC-PLgilQFrvitC3jnOrFmLI8GsY-4xoVvD7dbHQtOqimKP1OnobWIT3vEn8IHVVhJHerXjk0YTylC3YjxZq5ZKhdhedsoqtLCQ4skJW6-P4ZfNM7Hu4dzCxcFR_tPqitFtC3QfmmIZ-JljygZGgSoWFHDQ=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=PJUdWpwG6LYbf3iGDtWQ890D1HaF-EEp7HCzXg5rIzI1pf2NvLjx7mjiJPZfzF8VUHGG2-nQsZ_x8GejAUMJUrWCwkXeQS9em-zN90xBO1ghnFwDRecDSIYS_hfzc7MOqEDRVytZ05CER7tL0gL4ZQzJxlCIE--7xrhW80YfADRK6sZV83WAcs35EwqaMr57x6XPCAUUKxt-WdLATsMxPfT9gaqremaz8uCakkMQwyJje4M4JgrCNISGgvl6vpGb5BGCkeil5XvuQ1xasxqfxq0l5-ZLicDMHO_j9ZEmU_SRLtpuScDVt65BrCnrS3td52li3OpDuHa74v8KdUZ9FdpFdd0_55TX7rtrwncBAgsvJpmKJ1EL8VWxSsN7liYVHsAHKkoqmnJ3TQZGz3ZFinHUmL2ATCCW-vR__ryLM-cmATpus0dbS6H49ht_nJBTcIPHG0D0D-8Y2Az3rXt25-axS-LtxGvuzQvgEYWJeiQdaglYaAQYQZ-LLR23OQxB99QzJ5-6HUr0dTvd7Ym8PUus2AX4BC-PLgilQFrvitC3jnOrFmLI8GsY-4xoVvD7dbHQtOqimKP1OnobWIT3vEn8IHVVhJHerXjk0YTylC3YjxZq5ZKhdhedsoqtLCQ4skJW6-P4ZfNM7Hu4dzCxcFR_tPqitFtC3QfmmIZ-JljygZGgSoWFHDQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535fa687dd4ef8b40e2b1b6889590&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
38c80b59b617f588e3638d09bc9f38d176b6f115b4543479550da0a5faea0a5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:35 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=c0V4xWb2zfKhCeGouNaORHxcPc9w2X_22E7kTM-prg2OgRLXUq5eC8S6VcM_ArsR_-C9cIOKc4QdwxVSJ4e-qeTEuXN1nJQq7ikbg8OuMgkPGfd6xdJ3BnnjtVz3_j8FNjsydzr0pM4MxEOiQJvlHykMyQRz6P5sErAYyFe5gAaGXyREv1dqdNp7wxtmSh0sabqtLAYgUtLCEX9Brdasx_RYd66RG-NPnRYJEkihCzxSm8E5XOyZJSyxg0-4cfJmiO_PrxID7rqzr6twUEWx2yBGh6176IFLFnr_XYZ7A0JJYjfTHmuwJ0Liomw49SH4uKfbJtJwTQ7dVqBnG4-ehzdlCgmnPq44abRrwTPLd58brsbHe68zLfvF_kAl1AG6XC3ECZ0hltjQ3tfVzRGV_5DDdPxJSeasMtPoSZbRyYaZXUhFBhB9tieOgnntxs27_iQwssJtQXZGDhEWSDZtBLZUVMa_3Qyq0oG96LRxHQMrTLXHfsXi0QUaGHO9XZZFCt5og3rGzkkMGfF5stcOKfDvhGhN21JImhJcwqZvi-cqYDvTxA737-U7PEwCiyD89qvvpkBlaSiClokr07vumGzwqJ7vsz94JC9QtjJfwv17Ho6xQe-QNMIzns12slWAgLcWeTtebOe_DH8XU6H23-RCI5LSrU6kP41OYykesVNmgjzj6I6Uk5A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
24030b684191516229d782d60ff7b170026f8d6c73045386ecd9cea6d3d7dc4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=c0V4xWb2zfKhCeGouNaORHxcPc9w2X_22E7kTM-prg2OgRLXUq5eC8S6VcM_ArsR_-C9cIOKc4QdwxVSJ4e-qeTEuXN1nJQq7ikbg8OuMgkPGfd6xdJ3BnnjtVz3_j8FNjsydzr0pM4MxEOiQJvlHykMyQRz6P5sErAYyFe5gAaGXyREv1dqdNp7wxtmSh0sabqtLAYgUtLCEX9Brdasx_RYd66RG-NPnRYJEkihCzxSm8E5XOyZJSyxg0-4cfJmiO_PrxID7rqzr6twUEWx2yBGh6176IFLFnr_XYZ7A0JJYjfTHmuwJ0Liomw49SH4uKfbJtJwTQ7dVqBnG4-ehzdlCgmnPq44abRrwTPLd58brsbHe68zLfvF_kAl1AG6XC3ECZ0hltjQ3tfVzRGV_5DDdPxJSeasMtPoSZbRyYaZXUhFBhB9tieOgnntxs27_iQwssJtQXZGDhEWSDZtBLZUVMa_3Qyq0oG96LRxHQMrTLXHfsXi0QUaGHO9XZZFCt5og3rGzkkMGfF5stcOKfDvhGhN21JImhJcwqZvi-cqYDvTxA737-U7PEwCiyD89qvvpkBlaSiClokr07vumGzwqJ7vsz94JC9QtjJfwv17Ho6xQe-QNMIzns12slWAgLcWeTtebOe_DH8XU6H23-RCI5LSrU6kP41OYykesVNmgjzj6I6Uk5A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605356b2b01325a1840c3b3a7144c9a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
00a524a2df43046fb1d0a071ac56dea1289943d8fb41dd3f5b78a29a537d071f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=iHpWl2410h5oXA1UOA545fqUhxNjMiNrnNTSrcolqklzs8OmTuoBxfAVig_AeiVg20s1234QCPoUxeUKZbUzrSkmBhUW4p0fRdduOEgGTMbaM6v7g2tFQyUDzxxTp0_dfpwj_iGugnNUwA8Oap6Zu3nJPJCenNyGDok0coqlt_XXcmbM2ci0wnFgs6ooiSaOrE5JW4fHGVjHCH9svEng9-GoKp4fxglhznRQvvoTTDf6mFW8BpmGAwb8p9Bff01omvrpRon3QkDLP8jtFg3QZjFK9ivdRSFPPEA5PkHdoMYuNS3g0e15bU4J-AZsCTtDwGo0KwUTr9YlWgbUxGdHPwlLEUHqTEoci-mbRwYdX-qFKx2AHdMM825Ic78QMRCDhfQZsm4UGM1JidX08y2iT7_rE4DCv9m3I9zTNDwGrRBd7drjSag_SQm5GfIC9nQ-BNCjsDMeTbXPrjWcUhvNdFh1MUPyWtXgM9lsXAU_X8ZUBuYGn7RZheCu3eG0-rge72MIPT0h7tH35UEKYLdYgdjwNlgm32vaxbhEW_jqhXmlFIccNdwJ6aVdrkT1cmYfNNQHrtqi9C-RDqAEfB4uJh_oAcRh4qsClTrdRkdhq7UNc0BcG7YJXvvHDza7T3-d88aEqvHbuPijYxdJ4fxuhVvQnsMrEbmqCSWmhzoaJrSdtmce7fIWjNg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
627b6d9e20cd3374bcb8de6725e7815340a8ad6d8a1359a703b03408f533c158

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=iHpWl2410h5oXA1UOA545fqUhxNjMiNrnNTSrcolqklzs8OmTuoBxfAVig_AeiVg20s1234QCPoUxeUKZbUzrSkmBhUW4p0fRdduOEgGTMbaM6v7g2tFQyUDzxxTp0_dfpwj_iGugnNUwA8Oap6Zu3nJPJCenNyGDok0coqlt_XXcmbM2ci0wnFgs6ooiSaOrE5JW4fHGVjHCH9svEng9-GoKp4fxglhznRQvvoTTDf6mFW8BpmGAwb8p9Bff01omvrpRon3QkDLP8jtFg3QZjFK9ivdRSFPPEA5PkHdoMYuNS3g0e15bU4J-AZsCTtDwGo0KwUTr9YlWgbUxGdHPwlLEUHqTEoci-mbRwYdX-qFKx2AHdMM825Ic78QMRCDhfQZsm4UGM1JidX08y2iT7_rE4DCv9m3I9zTNDwGrRBd7drjSag_SQm5GfIC9nQ-BNCjsDMeTbXPrjWcUhvNdFh1MUPyWtXgM9lsXAU_X8ZUBuYGn7RZheCu3eG0-rge72MIPT0h7tH35UEKYLdYgdjwNlgm32vaxbhEW_jqhXmlFIccNdwJ6aVdrkT1cmYfNNQHrtqi9C-RDqAEfB4uJh_oAcRh4qsClTrdRkdhq7UNc0BcG7YJXvvHDza7T3-d88aEqvHbuPijYxdJ4fxuhVvQnsMrEbmqCSWmhzoaJrSdtmce7fIWjNg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535906638a4d2a9414c9ac8d8e847&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d506a4044410e09a088b6655a8041459a647d03ba098a562f476ad6986ff63ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=VJ0Dk1xDdTadmfWUR4hLC78OaHcK01CDgKCNkiPl78Cj2elHTXSh-XR0n9m56ymU_V_SGRSLNs4PbOkWVAF3ekKa_paNzAizS95u7I--EeQ1xnOXtTlKqtxoIeQ3x4jZIr9RJcxEPCQFXNYLRyfhXCBCCki2h6whiSzDCEeRnfI-y5e6Qw0MmwNAFj5T82bzXrLPqheR12srR-SAEDjPvpqEYNi_FHb78j7GPhWRCHQR3orU2NUZiG6AZJbCFWvLijefR4ZhESN3e-LdEo_J4FyRbU-FAFxuRYW3NXQPV_Q62VSr6Vroz9rLz1knoVS8KdpEF8yQbpG2PtL5YHTzOICAFnqOpjlPp758iX4Yrot1d712rvWwRzq9PxR3S_2HlwG6YaJE90wJ6jZCCiMaV4LNQvKk6TsGVVyuFvdQk0Mw5CVVB5Ws5hKJtQFc-xdBDAPz74gNsCckrD5WlD_QgTtvyPJFCbR5EE3VW5O4Uyq3VIVspB2AtAZKGHlCrqt-s5o_y7vM39LT-HrZjehOBs_gpZ5B3zS0GaDgOGQnAMwIAbaO7ud7ElWAbTogDeJCLmiFx815e8hhyQXbyPO1okil-VYtNzN5RkIZsvuveRlxj5Elq4iK1wPegOSjK2RHtmmHNbi5VgqutQ9apigg0Z_A-H76nXNrFe0uCtrihubU-AqDOeMlgKs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1b486788d62b0d817d5d2ad744020b18492c3a3a1efb9cc06493eef84aa10635

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=VJ0Dk1xDdTadmfWUR4hLC78OaHcK01CDgKCNkiPl78Cj2elHTXSh-XR0n9m56ymU_V_SGRSLNs4PbOkWVAF3ekKa_paNzAizS95u7I--EeQ1xnOXtTlKqtxoIeQ3x4jZIr9RJcxEPCQFXNYLRyfhXCBCCki2h6whiSzDCEeRnfI-y5e6Qw0MmwNAFj5T82bzXrLPqheR12srR-SAEDjPvpqEYNi_FHb78j7GPhWRCHQR3orU2NUZiG6AZJbCFWvLijefR4ZhESN3e-LdEo_J4FyRbU-FAFxuRYW3NXQPV_Q62VSr6Vroz9rLz1knoVS8KdpEF8yQbpG2PtL5YHTzOICAFnqOpjlPp758iX4Yrot1d712rvWwRzq9PxR3S_2HlwG6YaJE90wJ6jZCCiMaV4LNQvKk6TsGVVyuFvdQk0Mw5CVVB5Ws5hKJtQFc-xdBDAPz74gNsCckrD5WlD_QgTtvyPJFCbR5EE3VW5O4Uyq3VIVspB2AtAZKGHlCrqt-s5o_y7vM39LT-HrZjehOBs_gpZ5B3zS0GaDgOGQnAMwIAbaO7ud7ElWAbTogDeJCLmiFx815e8hhyQXbyPO1okil-VYtNzN5RkIZsvuveRlxj5Elq4iK1wPegOSjK2RHtmmHNbi5VgqutQ9apigg0Z_A-H76nXNrFe0uCtrihubU-AqDOeMlgKs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e65a75d185d340229c002bc342&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
15bd98e36df84bd3b589e92607bb6a213a2bb97a69e7e7ea956b3f577df7be57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=3kLFM6lssoFSyWaYxtcF0tuuESVUSJ1fUGO6L71jLRYvQoGTgDyTjZuHv_0b_8A14k1A2CZ0BYB3pZ0rv9oXJUPNmkHggAOuRvNAxLgKWgLd8U3IE-193MiERoO1aQ28haPt-uE8JtfF7BCAcc8YGQ3WbQ4Cp1FP-ih1JVunPyDhn3zhp-zS8cXh6aNALymYrT2GYdOyjsQPjQvslHzf20Wykba3wKYjkh77Fa9UFKyZxuh6fZBgoLUi4RTmbeK9Tfys-123jVOT90MkF4LWh1zDYFQCafRxFDRkXpBCu1OUgqs3TuLkFRFwOXsXsXQvoPJcAaA62Emf6Rwa5pYnZaZTgQzxv0xCxmeL2s9cMQltPwKtA_USAJKC3XTInnXCXPDqNtngSfzA88lydQv0nRXTA4Tf6ACrMn1NZNmr7QR69SkAZu_3TAIY_aaDyOWnLZMO2nrwVCKSC_UUoCVV00NkQ6ve7UbZkDgr5H86vwPOPkVnvQGZqvQ5RyO4W-jA9OwvxjB96yyH6rUfx4sxSlo04Ry6tzgRBFeIV12xRbBZjC0f87DQXcqQsDr1ptQoZp9RNgBgCNKPsXdxgodx3wGUL3_hUnBInJn6Y_ISxLVAQqEFI-OsUaiwqbsvNYs9-mjSd1e2_3vXmd4wV-rWzJRhRNJtuczcoa4L1OKIhv37wJmFTS_w_90=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8712e0afda288a7b775b8e68d7a33a051398bfdf527512c71e6795b9f2f92b8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=3kLFM6lssoFSyWaYxtcF0tuuESVUSJ1fUGO6L71jLRYvQoGTgDyTjZuHv_0b_8A14k1A2CZ0BYB3pZ0rv9oXJUPNmkHggAOuRvNAxLgKWgLd8U3IE-193MiERoO1aQ28haPt-uE8JtfF7BCAcc8YGQ3WbQ4Cp1FP-ih1JVunPyDhn3zhp-zS8cXh6aNALymYrT2GYdOyjsQPjQvslHzf20Wykba3wKYjkh77Fa9UFKyZxuh6fZBgoLUi4RTmbeK9Tfys-123jVOT90MkF4LWh1zDYFQCafRxFDRkXpBCu1OUgqs3TuLkFRFwOXsXsXQvoPJcAaA62Emf6Rwa5pYnZaZTgQzxv0xCxmeL2s9cMQltPwKtA_USAJKC3XTInnXCXPDqNtngSfzA88lydQv0nRXTA4Tf6ACrMn1NZNmr7QR69SkAZu_3TAIY_aaDyOWnLZMO2nrwVCKSC_UUoCVV00NkQ6ve7UbZkDgr5H86vwPOPkVnvQGZqvQ5RyO4W-jA9OwvxjB96yyH6rUfx4sxSlo04Ry6tzgRBFeIV12xRbBZjC0f87DQXcqQsDr1ptQoZp9RNgBgCNKPsXdxgodx3wGUL3_hUnBInJn6Y_ISxLVAQqEFI-OsUaiwqbsvNYs9-mjSd1e2_3vXmd4wV-rWzJRhRNJtuczcoa4L1OKIhv37wJmFTS_w_90=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535831e41e0b167462299d38f68ff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:36 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bbc3d17cb04366c628a166300c9d32d63f44cc1b8d5eef836d2678c99237f3f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=4UQorjnJtsTbTm_Lx9_eJ5PrKOQ22royLgnSCp0mbtCdz5zWE5NHUOYDTq5AWKFuxUErBtwfSRtj0LjsaFQ2nAPf856t67_1Gs2IztN8kKWjGaqORT-duS0-z649-2xb94-ba6TpWJDs6ZheQX2Xv8kjpRIMF6rLMLOeYw7roIacOtnu8odFTBOVOoOA-vm5GwzakcVRQ2tj-PGsmrfdi5CybqKhhk3vdcb4EOU7xQiwhALFR4yzPNhYZwgPi2qZYVZ_dnHu22KPY4HAsQ22PHbIZM_eO-4yuaI3-b_I2db9ZNf2zixC_Zxis2joQs_ciLB0Sp0xl-hc_u39IJsBIZPRk5y3Tk3AKyPIg4lVY0FoL4T6aATl6L2kWgHT5RTXnR7nrYdZRFMzCbaII7cDpgUN0WjfSSF2hjMckUXU1wugglpT9dG3e4wdSGPxMrjalUGYWwvFkeZ6lZo_QVfprKn7s_-RiByxaYt8LT2xDd2uAzgeFkquQmZjqoL5QrhWDTsdoNxtx03s7O-CNCgCTDkA0_9okjCJH_ARTuWWYqzahkvQU1pV_-fAaVeyIFlMyBw3uHu6O24aECve08N3yC5hEXFJcQ4oqISE6VT-5oTGBvAwOBFB-pGvbjSiz8wqAS3jFFWrB-vD8NMe5frf-iqXOEwNxLOKtpMp0ie-xJk8K8MsGasJlvQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eadf275bd88ce1689c48912016bf49a0d274bf77e9536b3f285e8157a1e39340

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=4UQorjnJtsTbTm_Lx9_eJ5PrKOQ22royLgnSCp0mbtCdz5zWE5NHUOYDTq5AWKFuxUErBtwfSRtj0LjsaFQ2nAPf856t67_1Gs2IztN8kKWjGaqORT-duS0-z649-2xb94-ba6TpWJDs6ZheQX2Xv8kjpRIMF6rLMLOeYw7roIacOtnu8odFTBOVOoOA-vm5GwzakcVRQ2tj-PGsmrfdi5CybqKhhk3vdcb4EOU7xQiwhALFR4yzPNhYZwgPi2qZYVZ_dnHu22KPY4HAsQ22PHbIZM_eO-4yuaI3-b_I2db9ZNf2zixC_Zxis2joQs_ciLB0Sp0xl-hc_u39IJsBIZPRk5y3Tk3AKyPIg4lVY0FoL4T6aATl6L2kWgHT5RTXnR7nrYdZRFMzCbaII7cDpgUN0WjfSSF2hjMckUXU1wugglpT9dG3e4wdSGPxMrjalUGYWwvFkeZ6lZo_QVfprKn7s_-RiByxaYt8LT2xDd2uAzgeFkquQmZjqoL5QrhWDTsdoNxtx03s7O-CNCgCTDkA0_9okjCJH_ARTuWWYqzahkvQU1pV_-fAaVeyIFlMyBw3uHu6O24aECve08N3yC5hEXFJcQ4oqISE6VT-5oTGBvAwOBFB-pGvbjSiz8wqAS3jFFWrB-vD8NMe5frf-iqXOEwNxLOKtpMp0ie-xJk8K8MsGasJlvQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535258ad4bf4aa445feb83530d1ec&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4eb185dea5a1d504931c21d3c7cb53ebe58b44cff2d79aae03bc5a584605a5bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=ph4_Jyblrg9C_Sqy2WwLKqLoWjrerPf3QlmxM1ExBWfaouJL6v0rah6VANhOSF5J0lGnOjC42xaRUQ7xHCdqlqL9gAZ3WNx2hQDchwDdeljRMNjQ-DfjxlV7kAXqzY-50St0mS3K7iYDypJbppvV6Bhgji7LH20UtDYswx0N1p3N2fOelbao7ho-LJbuYQGA6rsLqnLr2zRKtI1cC9hX0Z3LIvW6yUH48TUb2r9fgGdymqlgs675HYA8sdYtnS5OFtKKidsZ6CaaYHbBAcUqo4gw79mGPjsgqzfi_uSVhJhDWHs2SE-6E8MeWjQ8V_pSunvD0eDzxu4tg_qVadm_g3AmUFG0FzxpCPZvEHqNaL60lT4SrZcllqbi84hjMa2LMslK-F8aVrSXXn9px2BxMAX_lrHMFz7W8SGioGX_wQeklol0H-_HurXoXDvDQy5IlmgvfaCF0D1nQMHrF3qZOHmmJYYV3LHr4zkdFAEpiyleEV-_Lc1A6P-eIVntel6b1EbSOWsV8S9vdv4oJ0-JUQ1Y9DwF81DBrvR7z7_ievCxkRcgbMhq2t_Y1I9rUOwG_m1iz3taVU9vz1uQTEHUl_GiN38a-44Xmi1z4BecTUsKPJBLACVCVWDjqRaZF5JACnkIv-Z0KyBTBLme6LbE5XP-kz_soVKqJXbGtyeFcd_RIj_NCqurHtQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00f45b896e512d9e7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=ph4_Jyblrg9C_Sqy2WwLKqLoWjrerPf3QlmxM1ExBWfaouJL6v0rah6VANhOSF5J0lGnOjC42xaRUQ7xHCdqlqL9gAZ3WNx2hQDchwDdeljRMNjQ-DfjxlV7kAXqzY-50St0mS3K7iYDypJbppvV6Bhgji7LH20UtDYswx0N1p3N2fOelbao7ho-LJbuYQGA6rsLqnLr2zRKtI1cC9hX0Z3LIvW6yUH48TUb2r9fgGdymqlgs675HYA8sdYtnS5OFtKKidsZ6CaaYHbBAcUqo4gw79mGPjsgqzfi_uSVhJhDWHs2SE-6E8MeWjQ8V_pSunvD0eDzxu4tg_qVadm_g3AmUFG0FzxpCPZvEHqNaL60lT4SrZcllqbi84hjMa2LMslK-F8aVrSXXn9px2BxMAX_lrHMFz7W8SGioGX_wQeklol0H-_HurXoXDvDQy5IlmgvfaCF0D1nQMHrF3qZOHmmJYYV3LHr4zkdFAEpiyleEV-_Lc1A6P-eIVntel6b1EbSOWsV8S9vdv4oJ0-JUQ1Y9DwF81DBrvR7z7_ievCxkRcgbMhq2t_Y1I9rUOwG_m1iz3taVU9vz1uQTEHUl_GiN38a-44Xmi1z4BecTUsKPJBLACVCVWDjqRaZF5JACnkIv-Z0KyBTBLme6LbE5XP-kz_soVKqJXbGtyeFcd_RIj_NCqurHtQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00f45b896e512d9e7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00f45b896e512d9e7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00f45b896e512d9e7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535dc949efdd00f45b896e512d9e7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c200c1a90201979c79c3218208488ae2eb1127c9b2e948bdefe35a95090d5ae2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=hsT3BF6R-rIytNQmNDzQINVCR1OYv5ZlJHLZRz10wSjMtSqVe0fmCniRt0XGVKMkGyk6_gipC7ExOs4OGMma-Iyh_oboPUJcSJnkOHkxuWeR2DZbEYYE8-sQAc1fVTCeuem4aCikIXehZtATB0kSSQ4IofpuEn6eiE7QlNDMJlZXyl0ek0Erb-Hm0LatKoe_eM2qy1Q_KOVSt5uqYJSx5_KFsm9kEfQJLyqbVWJ-WfPrf40S1kCmA_E_g8Qbn64aPwyRwf029fuk2h5tFBL-8LV82tMtNv3XLSHp_YA2_jvXNfPo7ZJhF9qKfNiRXPlpK4KvvhjzNW7SL_aL9Xm74irM-MXd8z2rmD5R_eCGRRh_BPJpVkd3z2yMSTmX5u3uDVi57enqFyrpPTUSWEEU37rDatMXJajbHMi_QPlMmG_kKRcyiSfVBH1J02F8X8t8cBZWwyDdqq7Gp5EBnV5K-TCo7CBEUcDuNeCgcH0Q-ptkvdHQtzBXFab4Mg0lBBsN_3rNa_G1caey-OS9ULfAozvpaUqKQuNTYI42u9QHjld1thA0eOVlzWbvGC6I0zRYgKObCpxsDmWeyfXxuXfTzLtCzq8LjJX8_I3nLzGoMs9FqGPY_c1Dp2ep7tG27LK9qp7ebnTjDMIfD8wFF6mu0RZLuKz9Zt_SC0Oe7GKbY201qWYHk4SA8_s=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7e8b08990c3f733ee17fdaeb9b6e43608642e7977b70979386ae846d8fd513e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=hsT3BF6R-rIytNQmNDzQINVCR1OYv5ZlJHLZRz10wSjMtSqVe0fmCniRt0XGVKMkGyk6_gipC7ExOs4OGMma-Iyh_oboPUJcSJnkOHkxuWeR2DZbEYYE8-sQAc1fVTCeuem4aCikIXehZtATB0kSSQ4IofpuEn6eiE7QlNDMJlZXyl0ek0Erb-Hm0LatKoe_eM2qy1Q_KOVSt5uqYJSx5_KFsm9kEfQJLyqbVWJ-WfPrf40S1kCmA_E_g8Qbn64aPwyRwf029fuk2h5tFBL-8LV82tMtNv3XLSHp_YA2_jvXNfPo7ZJhF9qKfNiRXPlpK4KvvhjzNW7SL_aL9Xm74irM-MXd8z2rmD5R_eCGRRh_BPJpVkd3z2yMSTmX5u3uDVi57enqFyrpPTUSWEEU37rDatMXJajbHMi_QPlMmG_kKRcyiSfVBH1J02F8X8t8cBZWwyDdqq7Gp5EBnV5K-TCo7CBEUcDuNeCgcH0Q-ptkvdHQtzBXFab4Mg0lBBsN_3rNa_G1caey-OS9ULfAozvpaUqKQuNTYI42u9QHjld1thA0eOVlzWbvGC6I0zRYgKObCpxsDmWeyfXxuXfTzLtCzq8LjJX8_I3nLzGoMs9FqGPY_c1Dp2ep7tG27LK9qp7ebnTjDMIfD8wFF6mu0RZLuKz9Zt_SC0Oe7GKbY201qWYHk4SA8_s=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053539ce5fe970a840998780956086&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
14244978b112e728679d3668f413086b8dd4cc0616b89d688cfe89dc362b5686

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=TwmsGNsWwgzJLyJoWCrrbuF39sMugGDzTAc1sYiQxMJxY3Jb0AnVwh-eUG7aIGFHxBDpPtwsEd93i6g2NiDdQIvmFG7vu1g4D422LAzty-VwaDAWvq1yemHqMSvx6pkY0P2VbvlEuU2D6FoPI29zIabsOBKDid8SJax0CSo-_W9HICunt_zC_7ERezkOoMRhUVsT3xmTd8LUjzle1MbTSMqj3PRj6GRkhyjZztyVFAmra_5CGA9gSF7cAdXJ4p1hGOO9jH1aEx-AJ4KjIBqWwcOGO20xck1Ihjpe6YE2--hwbufJ77hA-8KbYJJXG1wYSFi7jzadPQz8-x_WTzSMb2O7xoh-fwwYwZSboO1Kei53cADqzVoXSGkkI9UurVRjxAEyIuRzhN25e_zn5-pjNFqZq9w2Glk8azGh_jNEdTmVj79wFnMZacgnUoDEB9Vjwpb5Q4qvmfruF9LW5vSXZhV0jDPVcEa6zr5eScDkS2jXrb3zKLNCcGOQbToCd57WhBjaVjTMDw60aUacFG-x97RMg4FxAAHSnE-nW3VXPTzQoiTnFuCHcXzn0uZnvxediHBXg3R1dyaLhgtMWt6UCmeq0JxOUGUtvx3_LThJvm6e4w8LBBVA1Dmr7HJh93b1YuGW-p32eng5tZxOsO4A8l_MnxVfMWDNekQSrLEkEL1KmI_jxexG5qU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=TwmsGNsWwgzJLyJoWCrrbuF39sMugGDzTAc1sYiQxMJxY3Jb0AnVwh-eUG7aIGFHxBDpPtwsEd93i6g2NiDdQIvmFG7vu1g4D422LAzty-VwaDAWvq1yemHqMSvx6pkY0P2VbvlEuU2D6FoPI29zIabsOBKDid8SJax0CSo-_W9HICunt_zC_7ERezkOoMRhUVsT3xmTd8LUjzle1MbTSMqj3PRj6GRkhyjZztyVFAmra_5CGA9gSF7cAdXJ4p1hGOO9jH1aEx-AJ4KjIBqWwcOGO20xck1Ihjpe6YE2--hwbufJ77hA-8KbYJJXG1wYSFi7jzadPQz8-x_WTzSMb2O7xoh-fwwYwZSboO1Kei53cADqzVoXSGkkI9UurVRjxAEyIuRzhN25e_zn5-pjNFqZq9w2Glk8azGh_jNEdTmVj79wFnMZacgnUoDEB9Vjwpb5Q4qvmfruF9LW5vSXZhV0jDPVcEa6zr5eScDkS2jXrb3zKLNCcGOQbToCd57WhBjaVjTMDw60aUacFG-x97RMg4FxAAHSnE-nW3VXPTzQoiTnFuCHcXzn0uZnvxediHBXg3R1dyaLhgtMWt6UCmeq0JxOUGUtvx3_LThJvm6e4w8LBBVA1Dmr7HJh93b1YuGW-p32eng5tZxOsO4A8l_MnxVfMWDNekQSrLEkEL1KmI_jxexG5qU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c27c90e50a77403184fe62c4e2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
12b7a78411ae18f85870a14cbea971f0b2b05383066d614cbae37c8fc4e95648

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:37 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=_BRfQ3QWY6YlI-q5dK9j_tSgyoImlAktMMdS1KnOBI8J_I8bAPHSm8c-RFPJQhIiH_E_rm7QkbuZw9UxeJRg-RZai4-nLchysooPSnYsKUmOsqYYYIJSPqZnGlMqfFGeikstW1HJ7sEuRdjRct5HHNpub97N1MRdOR0-nql48vZCQTDlPX4BwdF_NwSLyasYs1nzHUuH63GWryl5H6Vw4UdDv6FiI3p6nwFbOo6Ag8YB1aCLqdFhNeyGF3AV7aK-ARnn10aicaPNRrt9ntAPIkeCSLFTufbmkvLGx6--Vdk7MeoC_uNdQtqHhtm5tEB0bqL0dwTc6EsBxFR571SACrg9JGxbPfV1yMGlHYmGpnJRYiKwCxgfpdxYOycujQnYPek5e4JdjMoJGdWZfz0y1stSZKUFMxE10rnE7bRKqO6omZWPveWvu9F_5220_4t6X69UZtQEVWguvDR1CF7ArG1ZUxogNhOZJS2BjH1l1AaTRQgyujxEippPJ6XA6GUvSEgo1nYDSm7NMGiKeg5OolzWZgOO1zJLcKAjMysDN92fE9LGcB4QuaEHZ5TWxb3KcZ0u2aOehUTFVAvULqWiqQDz5AclG-baFvmdL12HVVPpCE_3HVSECKOWasTC2Llid9pDfRf25anoIMit03Vp5xn58MW4F2NJTTNcKyVWDTC6UgfMNQUTsIw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
56ce747945d8e6c002ae01b626e890adf19e16c76f75caee93e3da9441627021

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=_BRfQ3QWY6YlI-q5dK9j_tSgyoImlAktMMdS1KnOBI8J_I8bAPHSm8c-RFPJQhIiH_E_rm7QkbuZw9UxeJRg-RZai4-nLchysooPSnYsKUmOsqYYYIJSPqZnGlMqfFGeikstW1HJ7sEuRdjRct5HHNpub97N1MRdOR0-nql48vZCQTDlPX4BwdF_NwSLyasYs1nzHUuH63GWryl5H6Vw4UdDv6FiI3p6nwFbOo6Ag8YB1aCLqdFhNeyGF3AV7aK-ARnn10aicaPNRrt9ntAPIkeCSLFTufbmkvLGx6--Vdk7MeoC_uNdQtqHhtm5tEB0bqL0dwTc6EsBxFR571SACrg9JGxbPfV1yMGlHYmGpnJRYiKwCxgfpdxYOycujQnYPek5e4JdjMoJGdWZfz0y1stSZKUFMxE10rnE7bRKqO6omZWPveWvu9F_5220_4t6X69UZtQEVWguvDR1CF7ArG1ZUxogNhOZJS2BjH1l1AaTRQgyujxEippPJ6XA6GUvSEgo1nYDSm7NMGiKeg5OolzWZgOO1zJLcKAjMysDN92fE9LGcB4QuaEHZ5TWxb3KcZ0u2aOehUTFVAvULqWiqQDz5AclG-baFvmdL12HVVPpCE_3HVSECKOWasTC2Llid9pDfRf25anoIMit03Vp5xn58MW4F2NJTTNcKyVWDTC6UgfMNQUTsIw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=_BRfQ3QWY6YlI-q5dK9j_tSgyoImlAktMMdS1KnOBI8J_I8bAPHSm8c-RFPJQhIiH_E_rm7QkbuZw9UxeJRg-RZai4-nLchysooPSnYsKUmOsqYYYIJSPqZnGlMqfFGeikstW1HJ7sEuRdjRct5HHNpub97N1MRdOR0-nql48vZCQTDlPX4BwdF_NwSLyasYs1nzHUuH63GWryl5H6Vw4UdDv6FiI3p6nwFbOo6Ag8YB1aCLqdFhNeyGF3AV7aK-ARnn10aicaPNRrt9ntAPIkeCSLFTufbmkvLGx6--Vdk7MeoC_uNdQtqHhtm5tEB0bqL0dwTc6EsBxFR571SACrg9JGxbPfV1yMGlHYmGpnJRYiKwCxgfpdxYOycujQnYPek5e4JdjMoJGdWZfz0y1stSZKUFMxE10rnE7bRKqO6omZWPveWvu9F_5220_4t6X69UZtQEVWguvDR1CF7ArG1ZUxogNhOZJS2BjH1l1AaTRQgyujxEippPJ6XA6GUvSEgo1nYDSm7NMGiKeg5OolzWZgOO1zJLcKAjMysDN92fE9LGcB4QuaEHZ5TWxb3KcZ0u2aOehUTFVAvULqWiqQDz5AclG-baFvmdL12HVVPpCE_3HVSECKOWasTC2Llid9pDfRf25anoIMit03Vp5xn58MW4F2NJTTNcKyVWDTC6UgfMNQUTsIw=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=_BRfQ3QWY6YlI-q5dK9j_tSgyoImlAktMMdS1KnOBI8J_I8bAPHSm8c-RFPJQhIiH_E_rm7QkbuZw9UxeJRg-RZai4-nLchysooPSnYsKUmOsqYYYIJSPqZnGlMqfFGeikstW1HJ7sEuRdjRct5HHNpub97N1MRdOR0-nql48vZCQTDlPX4BwdF_NwSLyasYs1nzHUuH63GWryl5H6Vw4UdDv6FiI3p6nwFbOo6Ag8YB1aCLqdFhNeyGF3AV7aK-ARnn10aicaPNRrt9ntAPIkeCSLFTufbmkvLGx6--Vdk7MeoC_uNdQtqHhtm5tEB0bqL0dwTc6EsBxFR571SACrg9JGxbPfV1yMGlHYmGpnJRYiKwCxgfpdxYOycujQnYPek5e4JdjMoJGdWZfz0y1stSZKUFMxE10rnE7bRKqO6omZWPveWvu9F_5220_4t6X69UZtQEVWguvDR1CF7ArG1ZUxogNhOZJS2BjH1l1AaTRQgyujxEippPJ6XA6GUvSEgo1nYDSm7NMGiKeg5OolzWZgOO1zJLcKAjMysDN92fE9LGcB4QuaEHZ5TWxb3KcZ0u2aOehUTFVAvULqWiqQDz5AclG-baFvmdL12HVVPpCE_3HVSECKOWasTC2Llid9pDfRf25anoIMit03Vp5xn58MW4F2NJTTNcKyVWDTC6UgfMNQUTsIw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535186b148de53546e9b16adb44e3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8e0f660bc138583ca793a57a16fef132aff2e4ce84c27d2e9688e2a9e7ea40d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=vGDCV9ULvk0ObX64NyNDFFraWIv36gpXU5Od-52WrzLpcvFo43lRTPnH4ZM2LA7PyyTXKNfqd4Olws07UEYMe9Rpax-uMmpJT8efz13aeiJ0cAjQkV-3KGJsZm-lFIbhwmHD8PUEPbZZwdWn9rgy8KdUuSTZ-1228vyoH_Zz9wa5VCZeCHC8xMB7UPR8B_mLQr7GJt8cI3-7z2y2_XztjuIGiiT5Pt8CY7Ll7Pytoos5DnunUjC77JF7V-uHrUpLh5OsSnGVGhqERhd4W6ga0YGDwq5x6Z2T2eLW1Sa1Aaqqk35z42e7R8AL_kqiUu1oCwKGgBrRBXH5gUGXnXlkj80Gia7LshCBHFZMOhZAZBL9aqKgP2S56cA3W4d_tvuJ10Tv6z3CvIix-p9eIs6XvtZ32FU9sNCsMxvt5KiKQyIDoWAW5avdEafXF_vWvTI062nvhOkmQ8ATA-jalDFHt3fJhiRkfOAUBMds7i2-WLgRzAkHA81YsiV98-G5zFFvImW1-YkXOfBd3J14s7crwquP4TEMkl202QqyV9-vU_OxE18kYLuuF3hj35R1AWU6BWJnn3qlu_7GvmN2xQeOqFbT0bqIJJBiUwYSUb6CusMzfgmdeWDli0E8vKWpzTrfmTTAHIYA6uBORP4cQiNBskb4zOEsolbM-3upg215b5kV9rmnvDmW08A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e7ba9114a9c9643d206efc14c6b23ee1ff2f25db22751826306a7dc154146b23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=vGDCV9ULvk0ObX64NyNDFFraWIv36gpXU5Od-52WrzLpcvFo43lRTPnH4ZM2LA7PyyTXKNfqd4Olws07UEYMe9Rpax-uMmpJT8efz13aeiJ0cAjQkV-3KGJsZm-lFIbhwmHD8PUEPbZZwdWn9rgy8KdUuSTZ-1228vyoH_Zz9wa5VCZeCHC8xMB7UPR8B_mLQr7GJt8cI3-7z2y2_XztjuIGiiT5Pt8CY7Ll7Pytoos5DnunUjC77JF7V-uHrUpLh5OsSnGVGhqERhd4W6ga0YGDwq5x6Z2T2eLW1Sa1Aaqqk35z42e7R8AL_kqiUu1oCwKGgBrRBXH5gUGXnXlkj80Gia7LshCBHFZMOhZAZBL9aqKgP2S56cA3W4d_tvuJ10Tv6z3CvIix-p9eIs6XvtZ32FU9sNCsMxvt5KiKQyIDoWAW5avdEafXF_vWvTI062nvhOkmQ8ATA-jalDFHt3fJhiRkfOAUBMds7i2-WLgRzAkHA81YsiV98-G5zFFvImW1-YkXOfBd3J14s7crwquP4TEMkl202QqyV9-vU_OxE18kYLuuF3hj35R1AWU6BWJnn3qlu_7GvmN2xQeOqFbT0bqIJJBiUwYSUb6CusMzfgmdeWDli0E8vKWpzTrfmTTAHIYA6uBORP4cQiNBskb4zOEsolbM-3upg215b5kV9rmnvDmW08A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c405b3c84cfd48eba75abba22d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d0041e8f376e0b8c7aaa2e8b0cb131aaed28c9ce5b1e295e0cd3e0d32fbf76da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=fh6X420PI9L9uVBImOahLmkTaWvV6BW24dsmy-V0JAyaMXVnjkurjqmuDeUixtTRHDER7OvNLYPahRDY6hX0y_p3yNTjCW4Bc9AO6L6iokjL0vBE94P3DYx112bfqrbGfeAFBf9eNusYgT2mPH0oe351rkj0qGWayoMBfLplcvM3AEIjfSifS4SbE9nf8Uaw11TmW6QLgSm-rF39Vd6UD5hz0AVVB-JIzh05ZXfbPrmc_T9cvRny2ehMzkpv3V-AS7Wi1HvzePNSpE8VHiQxUd2CBK-BfHbdJDalI0JwI-4UMaJBd6ZeRRg3pj3nvvFZBrOW8gLesaenoAzDZJw9RX50u_DkMmSbBUGVfT2zsQvBLfTKba5TGiraBLRPbDYAVKVdgkrwMuJigJfH3lX_EPJGXgoPCl4hn5Oy6HtC3_JnG56ADB-2NYmzme5wePjfENTl32lc_UaYkvRBTG586EGj68xkJnN7xUOLzQB6wgfxv4J6dRJtyQkl-KoX3aESXbRC6R5TtLoFcilKs2hzPzeoDjnJeIUgNh_lSjC7QV16_aYvFCNSelgMudDPhhu2h3ze-NIC5rKfAvvWLrTKHyqkqmsCE95RCQLSOJ33LY_d1Z4iNOykE6WDYigiUXVgJCWbO-MPqBvDGxwWFg470pXHdQ2PXydNNNeVRJiKheI-3JzlbPmvN9U=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1086ddf9093226162cf11906ed93baa55104c48c98fc8172618f6dbde92a62f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=fh6X420PI9L9uVBImOahLmkTaWvV6BW24dsmy-V0JAyaMXVnjkurjqmuDeUixtTRHDER7OvNLYPahRDY6hX0y_p3yNTjCW4Bc9AO6L6iokjL0vBE94P3DYx112bfqrbGfeAFBf9eNusYgT2mPH0oe351rkj0qGWayoMBfLplcvM3AEIjfSifS4SbE9nf8Uaw11TmW6QLgSm-rF39Vd6UD5hz0AVVB-JIzh05ZXfbPrmc_T9cvRny2ehMzkpv3V-AS7Wi1HvzePNSpE8VHiQxUd2CBK-BfHbdJDalI0JwI-4UMaJBd6ZeRRg3pj3nvvFZBrOW8gLesaenoAzDZJw9RX50u_DkMmSbBUGVfT2zsQvBLfTKba5TGiraBLRPbDYAVKVdgkrwMuJigJfH3lX_EPJGXgoPCl4hn5Oy6HtC3_JnG56ADB-2NYmzme5wePjfENTl32lc_UaYkvRBTG586EGj68xkJnN7xUOLzQB6wgfxv4J6dRJtyQkl-KoX3aESXbRC6R5TtLoFcilKs2hzPzeoDjnJeIUgNh_lSjC7QV16_aYvFCNSelgMudDPhhu2h3ze-NIC5rKfAvvWLrTKHyqkqmsCE95RCQLSOJ33LY_d1Z4iNOykE6WDYigiUXVgJCWbO-MPqBvDGxwWFg470pXHdQ2PXydNNNeVRJiKheI-3JzlbPmvN9U=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fda1a3d52a64465fa4af2b40b2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
98ad8f89ebaa3198e4d7f7766579fe992ed9a28476ca9ace74cd175831aaa2de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=EG5qlAfvhNyGalcgZRXhEob6fydxFrXqe7JfqfMa_iJiD2C0CW4YgpYvyg4CfOurwTkroRfrkZ_WB5C9ICuBqH1L6GC9ngicS--VQ3zaIda5qJWueuwDMHxRoWlhoEyhkQxyxvdF9teA56yNR3dcegpnkOiIvkUzz6n-8sOgHH53cqcWmypLp1eGbXfDjXGk5zYDFHPaW2uL48DvB9e2l9ONCKrn60Ind_Yjb3ApVepExDmQzVmhnMsO4ffOXh4yx-nmg22pAEyAOuEL2q08wOw3Hjh3oAaCIq3A23K04tzjnYjgOydhFpHubkwoGZprGDYfy0-G1E6ThMAFr_I_CGkkHkXjsNMeyVm9kGEqy79VvGXSjgO8z6KRFzAef7D2Z4JBhmVkQhPvw-TNMR644uejv4a9YDcklswmxONcO0pA0_JOYXmXaWoe5_XdtcmDoRt46HCIb2MGxl82WCJeJ4pgAOkTYmLveBU7WR8uYtDmBAs-R0TmiU1NuJpoh88JADRROh5JaGksog92Y0BmeDBXZ4U5Bwv0hMBHZ2l2qP5A9nN5q-k0eZGmOs8ujgBoyNvSTbP8P1a8iAZ5sHwKkPDKTqrBcWDsuCvL1JRg7M97bMzojme6-FjCRujv-MHUAKPXFmxoATP7sJF-DE6HGKayD9yZS-e34Bqt_tLT6yU0wJTQrOWeCr4=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ee09e655d07da9fa091f06343f3b1bf13b0c0809c9aa2fafe9fac4c9e62db5ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=EG5qlAfvhNyGalcgZRXhEob6fydxFrXqe7JfqfMa_iJiD2C0CW4YgpYvyg4CfOurwTkroRfrkZ_WB5C9ICuBqH1L6GC9ngicS--VQ3zaIda5qJWueuwDMHxRoWlhoEyhkQxyxvdF9teA56yNR3dcegpnkOiIvkUzz6n-8sOgHH53cqcWmypLp1eGbXfDjXGk5zYDFHPaW2uL48DvB9e2l9ONCKrn60Ind_Yjb3ApVepExDmQzVmhnMsO4ffOXh4yx-nmg22pAEyAOuEL2q08wOw3Hjh3oAaCIq3A23K04tzjnYjgOydhFpHubkwoGZprGDYfy0-G1E6ThMAFr_I_CGkkHkXjsNMeyVm9kGEqy79VvGXSjgO8z6KRFzAef7D2Z4JBhmVkQhPvw-TNMR644uejv4a9YDcklswmxONcO0pA0_JOYXmXaWoe5_XdtcmDoRt46HCIb2MGxl82WCJeJ4pgAOkTYmLveBU7WR8uYtDmBAs-R0TmiU1NuJpoh88JADRROh5JaGksog92Y0BmeDBXZ4U5Bwv0hMBHZ2l2qP5A9nN5q-k0eZGmOs8ujgBoyNvSTbP8P1a8iAZ5sHwKkPDKTqrBcWDsuCvL1JRg7M97bMzojme6-FjCRujv-MHUAKPXFmxoATP7sJF-DE6HGKayD9yZS-e34Bqt_tLT6yU0wJTQrOWeCr4=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535749bee6afcdb435a9a66245a4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
408a08c6111e6afecef451312696c8089fad38d7d46c3c5a291281e6cda985d0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=ppWI51dy7J0nMk-bgxHtMQlfvv2KD9GVMDPcrOzFgtS4o4-G4jsn2HMfSG026qXq4ZL7gHXgmzOUWpHC7Akrhe35msNS3w1OhRxCnonw0b6DFNAX3aui07UVizaq70hG_i7uDt4OPfRvwXXkT3o7wqFHxlA9HfoLrI-Gdua6WzuH6HOHTYqYGv3eljqD3_XmFSfsT-vKM6fqALc8Ja5Bjr739ATWl5FRjoBbvRqaEyS_Uq8utt9xD2aACHZtD3ZINPU2Jb9sxGm-k6VrColvlDsOt32DJBuCbrbLCB79_7Q1fYaBpz2lROtIq4TiuTlt1p_S5nvXiHsuU755XRZ5Weqb1QYxpuU_Bwe7Nwcny9GyuezOVQ4Bk0gS3UFqRD4jXqe_plC7vJYLl3nFbTNi1lm5TVsGF8iZNo5KJDyuoBKJcSnQeYdhvWx6ttuDo9b8DbEJvwnrt6tOWiIEAlkIDViuHtqB8s6LaSgiTqlW2yVtChnXCV2oM-xY6nFgga-aPP948YgANPUhvhNeBcBHw-ZEoWmaqPm4XvbAwHU-KjwyALWgCAACH3pyjRgjaQthpi44xQtUKu4q6VaLJGmlde56S8yylUEMMOSwj0rPNyIjpQ9fCDJtfFPAUtc_kr1LFHqQmf7lb8fwEnX0xwrJ_5fBPcL5vuMpgpUDAsxupVgWYq4CBkqLlEQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
816e1ab8686149749cee9e71f5ef08aec3a8ea220497fdb8657c2f3322b5c031

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=ppWI51dy7J0nMk-bgxHtMQlfvv2KD9GVMDPcrOzFgtS4o4-G4jsn2HMfSG026qXq4ZL7gHXgmzOUWpHC7Akrhe35msNS3w1OhRxCnonw0b6DFNAX3aui07UVizaq70hG_i7uDt4OPfRvwXXkT3o7wqFHxlA9HfoLrI-Gdua6WzuH6HOHTYqYGv3eljqD3_XmFSfsT-vKM6fqALc8Ja5Bjr739ATWl5FRjoBbvRqaEyS_Uq8utt9xD2aACHZtD3ZINPU2Jb9sxGm-k6VrColvlDsOt32DJBuCbrbLCB79_7Q1fYaBpz2lROtIq4TiuTlt1p_S5nvXiHsuU755XRZ5Weqb1QYxpuU_Bwe7Nwcny9GyuezOVQ4Bk0gS3UFqRD4jXqe_plC7vJYLl3nFbTNi1lm5TVsGF8iZNo5KJDyuoBKJcSnQeYdhvWx6ttuDo9b8DbEJvwnrt6tOWiIEAlkIDViuHtqB8s6LaSgiTqlW2yVtChnXCV2oM-xY6nFgga-aPP948YgANPUhvhNeBcBHw-ZEoWmaqPm4XvbAwHU-KjwyALWgCAACH3pyjRgjaQthpi44xQtUKu4q6VaLJGmlde56S8yylUEMMOSwj0rPNyIjpQ9fCDJtfFPAUtc_kr1LFHqQmf7lb8fwEnX0xwrJ_5fBPcL5vuMpgpUDAsxupVgWYq4CBkqLlEQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:38 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d584cb6be5fa48f3809085eb87&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
407c232d108125c01809bab6013458f5d863428ee55ccfb86d081bb16105a093

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=fczBRzWjOro7sHTEepJpU6dWcdOoScu54RWzizcUUI-1n4vgsO7rmROb2_lsMXjwCGGZDTh0c0FLYZCAbxtxqv-5oAxgkf06yyjQUGUMGX2je9FFoLYI7rd1cUUKVdLkEIQ64HgnThYvZJQxO_Jf8plULobdxbIg6JZHiutH-Llh31FPycaw7hJG8wK2GM6OHrpo66Ft-xr6QZboUm4vYW6RqFk45Ha1JGgBNEwptcWN0ii7rhyUPNS-KSLkLvTwG4r9QLXRimBQvC1oY0TOC9N55_KNZVwCgF7-1wzUoJlRQOMoAZD6mt6FpPfbqJl2gc2Tj-b2uc1VSV49utMh4bXGC01e1SvFAMxwWIHCwI6SOj2Mmt2ekzejqA3HbEMx5Bo9r6QcO2mOpTg25RqRdmxN2Ohvxq17BUebTDqYOJu0x2Q1XhRHACuICplUWyxB3XA5f--Ch-MnhUBrloG_CCDBMn1-tmVIylgfIO6hISCFrKmCdrqFkzTkvRiQ70wK1gBXhq4UAZTwXcsW31xCSIIkRFxoCCnUb3ypW1R7beZlfqixUkkwaADQEINiB9ZBpky3yJTh4kzZUO7jdhzZJHeRSm77MDxIwQ9J4-fd1gEiOXx9fK_NddrLi1pykgGA_1dfJapJhmAmBdq7_Quu5ziFhcoZmfE-REPbynBSc9uRh_13IuzT9to=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=fczBRzWjOro7sHTEepJpU6dWcdOoScu54RWzizcUUI-1n4vgsO7rmROb2_lsMXjwCGGZDTh0c0FLYZCAbxtxqv-5oAxgkf06yyjQUGUMGX2je9FFoLYI7rd1cUUKVdLkEIQ64HgnThYvZJQxO_Jf8plULobdxbIg6JZHiutH-Llh31FPycaw7hJG8wK2GM6OHrpo66Ft-xr6QZboUm4vYW6RqFk45Ha1JGgBNEwptcWN0ii7rhyUPNS-KSLkLvTwG4r9QLXRimBQvC1oY0TOC9N55_KNZVwCgF7-1wzUoJlRQOMoAZD6mt6FpPfbqJl2gc2Tj-b2uc1VSV49utMh4bXGC01e1SvFAMxwWIHCwI6SOj2Mmt2ekzejqA3HbEMx5Bo9r6QcO2mOpTg25RqRdmxN2Ohvxq17BUebTDqYOJu0x2Q1XhRHACuICplUWyxB3XA5f--Ch-MnhUBrloG_CCDBMn1-tmVIylgfIO6hISCFrKmCdrqFkzTkvRiQ70wK1gBXhq4UAZTwXcsW31xCSIIkRFxoCCnUb3ypW1R7beZlfqixUkkwaADQEINiB9ZBpky3yJTh4kzZUO7jdhzZJHeRSm77MDxIwQ9J4-fd1gEiOXx9fK_NddrLi1pykgGA_1dfJapJhmAmBdq7_Quu5ziFhcoZmfE-REPbynBSc9uRh_13IuzT9to=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e55a04bdec3249208c5f06b91e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
434c73cfead730933d6c0d9ef7ddf9473831eb3bfe2b732b0595b2e37538168e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=DFzPxBF7RFHEmtshsB4Cb5mImHsqc5J-rf-oNPHz5HsrO_OmH53J1HZbCGxwrWvtOc4pZH7EBp7TKnF0rJGbiW47gvT-CzPbWhdEOvrrNz4ORn-_hN4XsrV0cCJCfInOW6Lmu239R-rqgCZ0FhhB7e2ZdTJ-rTTPdBWgAkXYBvBJ-qk0mCztWJ0S7gcn3KrSlqGZDryzK0gVbDPhicS0Dymmnv3dYbaFSk8_dAuJRW5yIYrt0jjAKJtV0JYjMwx_XXM_S63axGrwpj3SMRmmb32nXmAREnp7-BvU0vHoKg1DfBLbokIQvcwSbXQJK565DfFJBIeL2AxqJPOKuzUPYJeTjH-EkH_cgXMN3GDHJ9azV2sIu5VA-mmABcdn8PF6WfSjUIWqJs_OsNOlOTb5AGXfn7bX-Vdg2nViwNOTFw4NJ1JohGNOpeIH-AP53PZ1IBQUjlyoa2srq8bTCXIxYqvONRD3TaNYPlw69DEQzDgKnOpsnDwbrimlZ0jgcIMLiVigzntVU0GEXvmGnh0JIPzlewe8WoYSfRJiK6FfOheEbqdYDgmN0nahEIU45JUG8D8ddNmHak9-WQicYd2om2RoWH5jFm--AAInEUI8bzxvQN4Dyp1uNvT4hJzXXnII3efGfb24HKi2ah9W-XOjDJyrlJb_wvzqJYJj-VnJd4N0M28KCcAmqOA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0652dacb78344f7301aa8fd1096d90933ef469c112f03bb8b49b4d52f64567e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=DFzPxBF7RFHEmtshsB4Cb5mImHsqc5J-rf-oNPHz5HsrO_OmH53J1HZbCGxwrWvtOc4pZH7EBp7TKnF0rJGbiW47gvT-CzPbWhdEOvrrNz4ORn-_hN4XsrV0cCJCfInOW6Lmu239R-rqgCZ0FhhB7e2ZdTJ-rTTPdBWgAkXYBvBJ-qk0mCztWJ0S7gcn3KrSlqGZDryzK0gVbDPhicS0Dymmnv3dYbaFSk8_dAuJRW5yIYrt0jjAKJtV0JYjMwx_XXM_S63axGrwpj3SMRmmb32nXmAREnp7-BvU0vHoKg1DfBLbokIQvcwSbXQJK565DfFJBIeL2AxqJPOKuzUPYJeTjH-EkH_cgXMN3GDHJ9azV2sIu5VA-mmABcdn8PF6WfSjUIWqJs_OsNOlOTb5AGXfn7bX-Vdg2nViwNOTFw4NJ1JohGNOpeIH-AP53PZ1IBQUjlyoa2srq8bTCXIxYqvONRD3TaNYPlw69DEQzDgKnOpsnDwbrimlZ0jgcIMLiVigzntVU0GEXvmGnh0JIPzlewe8WoYSfRJiK6FfOheEbqdYDgmN0nahEIU45JUG8D8ddNmHak9-WQicYd2om2RoWH5jFm--AAInEUI8bzxvQN4Dyp1uNvT4hJzXXnII3efGfb24HKi2ah9W-XOjDJyrlJb_wvzqJYJj-VnJd4N0M28KCcAmqOA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053528a66df0883341eca2ed7ba285&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
46e47974b3a2b8fa8d49c749a8f735f2ae09eaebc60f89809597c295ea37f240

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=A9KzFKDozg9YeMzfYH1CoOObA2X6RdNBIU9iB9e-26DCNjCR-OzchIJHgxG0F6ysN6v4SppSgwmRkMCxN7zQT0wvMfJqrauYKY0GDiOQ3-uH1Scx9ixeGLxKrDoUQaXdBlu26q_O7chuK799Ja-dChP6HMIrEyw4EQ-nQFC9OaKHkPgpk7Bf4USxD2nsmWJhrNllgqkrHEr1hZXdc6cVdhsGO4RynDWTlaBSG7u54XgvU5qKMHFcMv6tRUbtfemsr6pANhdOM5VRNvdUeYfizr7NoyJoj64x9mV-Mm12TI32fMS4a5KXdDS73MmsBklFxkapZfNVTms2a8sprirjr5_TiwliVWaPJY996xMQKGSuXCEOym67ZQ8BsJt87_I_gq7BvT29AzYA-AHQTo3f1Sd2jdc5gvBRPmZlsBPyp2mDo3NbwjiVlop3EHGMxN0TDL5t7Q5k-Z4Sihyd-r68tGlRUqxKOJLkpzamm3phGB5N3XlMNM8TlIUTd4aFlVqqTMY_UwOQzidU2OjDh-iM3_7a0CGCiT-0dA0NtbPo--ZKIw-BHMafXHrrR54sra-2JPAyhHw3S5hkg0xCNnxPH06hCe9yvK_Ehd3UDrgOd5jiHYEg25vvllJD2GfgNLBQj4mJw9OMrackjuZ0_2RIMCuDASIITdjpztEM8D-_UYcrY0toj51Xk8c=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f6cd4b877c881df220022d1cfc52b76fa0d102be1fb044c704663410324629f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=A9KzFKDozg9YeMzfYH1CoOObA2X6RdNBIU9iB9e-26DCNjCR-OzchIJHgxG0F6ysN6v4SppSgwmRkMCxN7zQT0wvMfJqrauYKY0GDiOQ3-uH1Scx9ixeGLxKrDoUQaXdBlu26q_O7chuK799Ja-dChP6HMIrEyw4EQ-nQFC9OaKHkPgpk7Bf4USxD2nsmWJhrNllgqkrHEr1hZXdc6cVdhsGO4RynDWTlaBSG7u54XgvU5qKMHFcMv6tRUbtfemsr6pANhdOM5VRNvdUeYfizr7NoyJoj64x9mV-Mm12TI32fMS4a5KXdDS73MmsBklFxkapZfNVTms2a8sprirjr5_TiwliVWaPJY996xMQKGSuXCEOym67ZQ8BsJt87_I_gq7BvT29AzYA-AHQTo3f1Sd2jdc5gvBRPmZlsBPyp2mDo3NbwjiVlop3EHGMxN0TDL5t7Q5k-Z4Sihyd-r68tGlRUqxKOJLkpzamm3phGB5N3XlMNM8TlIUTd4aFlVqqTMY_UwOQzidU2OjDh-iM3_7a0CGCiT-0dA0NtbPo--ZKIw-BHMafXHrrR54sra-2JPAyhHw3S5hkg0xCNnxPH06hCe9yvK_Ehd3UDrgOd5jiHYEg25vvllJD2GfgNLBQj4mJw9OMrackjuZ0_2RIMCuDASIITdjpztEM8D-_UYcrY0toj51Xk8c=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605357e2d50c3ed7b4dd095b233dd08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96381f18550fb562dec4d9097999c0e34b6b7abe308c628e9e9b2968c35a0aa1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=ekTXoJjbSf3-umhgaIjHRPrym72sahAYtrpvH7AUczhtnIEl2KRogxn_RsrSbNGLztzmBJgCsXs5hN57iRxFh81phVSmsUDHEj0b-WzJ576taqY1GGVrAV6Csaf_w6xYuvEflxbTizRI31SVsIlbkP5CyIEM0ed6SrOfRNDwhwlOiSG4czfeCc5WnQSxdrx4Y_TbW7-ZBiao44abpHwYYlk-9__PdBe2A7an73PJavHYleGkZHhNM_uDxBFX8Yt8E2OsyM3Ti7-mrBDiMtmagN-1s3Oyb8PXBK7aW4lRi7KV9T9Be69qx60nP4YKfNbQ1w6C1ZQWj_50Nwiiq6raBwTiMOSO4rDutwUGHqA6AO2YjPRs3s-9LomjPBqe_hch9mrDUourUpdRemjtBYzit9xUuPZrdLctFGPG6kdjoaYxUTntWZLdfRaGHEiaUGboGz4wFMh_Z10cgTmNL4b36282z7DvVF5rPuT5jtMkwwzQxKEEXysS3JIQarCpNImT29i3KMGrgB3q9nvmMP0_Kgs4tKMsN-xY1-HHxatZtt1Tdk996Q6JYuQAAK1s5hqiNMFzLL2cWIIVcLX74bvwKwoFCI6WIWmDxVoeymRGmiTMtQ93aAPTLRp532OJxqQlSHTKq7n9qZL6AX_h5PCmd5vgffP7W2WllDGxGn6gGshhAAqSsn9-t40=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4bc977bd6203bcfeb3f86d3c3c97deeddb4f68de9ef5f53a3f31ae1f101ed7b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=ekTXoJjbSf3-umhgaIjHRPrym72sahAYtrpvH7AUczhtnIEl2KRogxn_RsrSbNGLztzmBJgCsXs5hN57iRxFh81phVSmsUDHEj0b-WzJ576taqY1GGVrAV6Csaf_w6xYuvEflxbTizRI31SVsIlbkP5CyIEM0ed6SrOfRNDwhwlOiSG4czfeCc5WnQSxdrx4Y_TbW7-ZBiao44abpHwYYlk-9__PdBe2A7an73PJavHYleGkZHhNM_uDxBFX8Yt8E2OsyM3Ti7-mrBDiMtmagN-1s3Oyb8PXBK7aW4lRi7KV9T9Be69qx60nP4YKfNbQ1w6C1ZQWj_50Nwiiq6raBwTiMOSO4rDutwUGHqA6AO2YjPRs3s-9LomjPBqe_hch9mrDUourUpdRemjtBYzit9xUuPZrdLctFGPG6kdjoaYxUTntWZLdfRaGHEiaUGboGz4wFMh_Z10cgTmNL4b36282z7DvVF5rPuT5jtMkwwzQxKEEXysS3JIQarCpNImT29i3KMGrgB3q9nvmMP0_Kgs4tKMsN-xY1-HHxatZtt1Tdk996Q6JYuQAAK1s5hqiNMFzLL2cWIIVcLX74bvwKwoFCI6WIWmDxVoeymRGmiTMtQ93aAPTLRp532OJxqQlSHTKq7n9qZL6AX_h5PCmd5vgffP7W2WllDGxGn6gGshhAAqSsn9-t40=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535501bedf98aa442b2890dfc5bc8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c443723ff78a95abe8af4eba048150eb69a5f6ec43ba254fce037b8df2369fb0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:39 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=f5mFFc5rDWkhko34FNt2MhIguUlAC2k7NEHgc9zrou45A2O5C3d1TA7KrqkQovhUZqPsbjK4RCXZ2yu5o-AyfrZp5rYfJXZExK5fm4ol53FB_6iPWgjkpxK40qciJiyHlvVEv9vallp8yPOF25LmbhAfK8fvFBh3HPNpIMPuuf-tTLX4wi_TT2LsEh4qcbGIGZwKeIfajg2PUYpq_ZV7-f2-1OotuSYmPmbhBFCGTYVTJHQYY2yWD6Y5vc9ytvIyHtx7TAqViSKH0ZhDwbwn6m9QU51Nx9gqSqGaqZle3P5lmn4FH7daoSk27VrZYxjnho6E3sROzyA392vj9boiKEgNhkkYTQZVq2alD-H1pId3XDhynsa0dlv9c4KcVY8LV8GNi2623-WZOwBWQ1mTYq41xss0ien17TiFy_rZ5zWxlZqVeipovvPtiejFKXj6MbR1BuKarrcA5QGuSe0NI6puzuhHizZszklg8r5Wv4U-_pZIfIjtz65-uzGVd0RJG5tNRhDjfqqR7hJg4tiCtOmhNtyhEoiRrK-E4WgAeMnJf_taj0JTi8RWuHcEx0xuVvXKZqY07NEF2dfOKOaciCqbiJ3Zh-scOor95J9mMRGuHtw4oD5MUvbkmNSCDclG6LPBD0N_NyItB4BCRwOaWDz4iYpvuJgBzs-LyjAVwdSoRbXkZAjn3as=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4658a265cc9444c69d50b7d3da38365d2be6ff0e5679d4ad3ea079d984f8fb56

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=f5mFFc5rDWkhko34FNt2MhIguUlAC2k7NEHgc9zrou45A2O5C3d1TA7KrqkQovhUZqPsbjK4RCXZ2yu5o-AyfrZp5rYfJXZExK5fm4ol53FB_6iPWgjkpxK40qciJiyHlvVEv9vallp8yPOF25LmbhAfK8fvFBh3HPNpIMPuuf-tTLX4wi_TT2LsEh4qcbGIGZwKeIfajg2PUYpq_ZV7-f2-1OotuSYmPmbhBFCGTYVTJHQYY2yWD6Y5vc9ytvIyHtx7TAqViSKH0ZhDwbwn6m9QU51Nx9gqSqGaqZle3P5lmn4FH7daoSk27VrZYxjnho6E3sROzyA392vj9boiKEgNhkkYTQZVq2alD-H1pId3XDhynsa0dlv9c4KcVY8LV8GNi2623-WZOwBWQ1mTYq41xss0ien17TiFy_rZ5zWxlZqVeipovvPtiejFKXj6MbR1BuKarrcA5QGuSe0NI6puzuhHizZszklg8r5Wv4U-_pZIfIjtz65-uzGVd0RJG5tNRhDjfqqR7hJg4tiCtOmhNtyhEoiRrK-E4WgAeMnJf_taj0JTi8RWuHcEx0xuVvXKZqY07NEF2dfOKOaciCqbiJ3Zh-scOor95J9mMRGuHtw4oD5MUvbkmNSCDclG6LPBD0N_NyItB4BCRwOaWDz4iYpvuJgBzs-LyjAVwdSoRbXkZAjn3as=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358900540ca780470d92adf6cc28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85f35507ff4e892124ba81bdbaca755247726cbb80b36ae310168683fc986345

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=rWJysGnqQ2LQsajLiWelR0k0uVLLhscIbvuoBG7D29vdsSVXa3NgmIzB1HLllZvWcxV2APibBKuXU5ui9pGgTn2l1r0eb5vvWjr9fIvBeIEWNnyB2MQ3fQyd5LbNRYuMyOwTW_Zr1Z3CfYy3Ueoqp18zzH5PDhEJC5R-HZ38SxMPEl-8W3ZDdq3fMeRPMC0Ohjwz7vHS1U9Fsl5PDSjIFDLc-IKe6hHMUTvefQNeuVWep8xeoJ_nyq7WBnzM1tOFdKrEdykT3rzFZetQDyNMwtx9ZXEGf06PlpX1IcnkYMpZAiQF_UNkPutl_tnS4ate09cNh-mXlcf0D-ENn2UV6GttNnJl8sWXutuCMhApRDZUkZ0Hpn8prWVjZ-LRHmgvE8W2ZllYorgLLUs__-3qD45Xlk7z6sbRucmwmdLBbQ7VNEXX-sp8FfyzZphFTRIkV-8v0hRwkfvmF-p3_mkrCEUnmi1uX0_fuuSY5wuxu29x0Rg3WRqcwKYvZNLbzZLHbvVouUTfMYBi2tCKgTzsVvKpjFPNpU5B5H2rW2GT3yAxpsrj8iU7kx60M5a8UvpFvRyNHrtG-JMPR-NRzAz_Ed5V0sUVV9R5y0ej4gp8DTtEXGYkwbFqGfQHFTDLqRax3WPIJbBgdc-REHJi-6dzW2KZ7559rpNux39AClFTFfo2drKz2KoR2XM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7b2955de0c545566d5af9c7c6432a999a94f63c571db1d65346e84028910d37c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=rWJysGnqQ2LQsajLiWelR0k0uVLLhscIbvuoBG7D29vdsSVXa3NgmIzB1HLllZvWcxV2APibBKuXU5ui9pGgTn2l1r0eb5vvWjr9fIvBeIEWNnyB2MQ3fQyd5LbNRYuMyOwTW_Zr1Z3CfYy3Ueoqp18zzH5PDhEJC5R-HZ38SxMPEl-8W3ZDdq3fMeRPMC0Ohjwz7vHS1U9Fsl5PDSjIFDLc-IKe6hHMUTvefQNeuVWep8xeoJ_nyq7WBnzM1tOFdKrEdykT3rzFZetQDyNMwtx9ZXEGf06PlpX1IcnkYMpZAiQF_UNkPutl_tnS4ate09cNh-mXlcf0D-ENn2UV6GttNnJl8sWXutuCMhApRDZUkZ0Hpn8prWVjZ-LRHmgvE8W2ZllYorgLLUs__-3qD45Xlk7z6sbRucmwmdLBbQ7VNEXX-sp8FfyzZphFTRIkV-8v0hRwkfvmF-p3_mkrCEUnmi1uX0_fuuSY5wuxu29x0Rg3WRqcwKYvZNLbzZLHbvVouUTfMYBi2tCKgTzsVvKpjFPNpU5B5H2rW2GT3yAxpsrj8iU7kx60M5a8UvpFvRyNHrtG-JMPR-NRzAz_Ed5V0sUVV9R5y0ej4gp8DTtEXGYkwbFqGfQHFTDLqRax3WPIJbBgdc-REHJi-6dzW2KZ7559rpNux39AClFTFfo2drKz2KoR2XM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx73b164a19c70473499d6d-00617824f1
x-openstack-request-id
tx73b164a19c70473499d6d-00617824f1
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355997c00991c841dd86eb0f3156&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ebe6376d1d9e2aac922b5c9cb5459445a6721d15b2ceadee73e1a365d3582d55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=3r0kcZX5XOt2R_--y9alwMvcU84tWiJMZqTxzPaZxB89YgJ2reir6vz0psvnnU_r71skbtnsf8prKOoVD-1zzmFZ8PXLnpwoeD-C-vR5mWWh6DJmb7y0WRz0ZZ2_sBAKtB-gXqHmvE1NG07d4_ETBDpIqQ66CWWEfgKJ2cdAuHnfQFO0vPdKqpgrhyB10bftA7T33YqlyRv_rxBAAnZbATJ6DmKwR8P3kQ5BTnAWmAbBFNOvkZ6Jggf6zZ1CIqQjgFs51mPZHyVW8pibYbxP05VHh52Yt9V-OLl08H2d7dUM51LE9vE9_CgZ4Y_7wJcFKwHAv7kl8vMStqGutAJLM4lTsfq-yCbItVe5FWb5oMVb23zM9WZlK1qdcae3ayHwi3gKOtOYRRWtpGH552551QQ3mTzQADlDTBj8D2bd-f4T3yhLiVd6IVx9_wuAgeZpjMGxr9Ra4Hyd6v8pU_IwI87P6Loh9_NNC1dSY1QMASwt6IhpopxzWQywd0qoPg3_G3b0ABzhQNJsmARy_N47fOxkjyuNXtGCl9A-Pc8Fy0OxbZy6KoCaERa4xnFItLsFrDwXvCtaWCWgQF0AHucZTGDxhlaADsSNolDFosSf6X4t6h_Bgk3_zI6vI0ZjpMT9qapzWKt82xm-NwUGoZ5o77JL-0eeM9jtaGfmoVHWYVcsozcbJUrEoro=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6d5a246aafff81471eff85c538180f295e738e0d7939ec55e60e644a60c03f13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=3r0kcZX5XOt2R_--y9alwMvcU84tWiJMZqTxzPaZxB89YgJ2reir6vz0psvnnU_r71skbtnsf8prKOoVD-1zzmFZ8PXLnpwoeD-C-vR5mWWh6DJmb7y0WRz0ZZ2_sBAKtB-gXqHmvE1NG07d4_ETBDpIqQ66CWWEfgKJ2cdAuHnfQFO0vPdKqpgrhyB10bftA7T33YqlyRv_rxBAAnZbATJ6DmKwR8P3kQ5BTnAWmAbBFNOvkZ6Jggf6zZ1CIqQjgFs51mPZHyVW8pibYbxP05VHh52Yt9V-OLl08H2d7dUM51LE9vE9_CgZ4Y_7wJcFKwHAv7kl8vMStqGutAJLM4lTsfq-yCbItVe5FWb5oMVb23zM9WZlK1qdcae3ayHwi3gKOtOYRRWtpGH552551QQ3mTzQADlDTBj8D2bd-f4T3yhLiVd6IVx9_wuAgeZpjMGxr9Ra4Hyd6v8pU_IwI87P6Loh9_NNC1dSY1QMASwt6IhpopxzWQywd0qoPg3_G3b0ABzhQNJsmARy_N47fOxkjyuNXtGCl9A-Pc8Fy0OxbZy6KoCaERa4xnFItLsFrDwXvCtaWCWgQF0AHucZTGDxhlaADsSNolDFosSf6X4t6h_Bgk3_zI6vI0ZjpMT9qapzWKt82xm-NwUGoZ5o77JL-0eeM9jtaGfmoVHWYVcsozcbJUrEoro=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=3r0kcZX5XOt2R_--y9alwMvcU84tWiJMZqTxzPaZxB89YgJ2reir6vz0psvnnU_r71skbtnsf8prKOoVD-1zzmFZ8PXLnpwoeD-C-vR5mWWh6DJmb7y0WRz0ZZ2_sBAKtB-gXqHmvE1NG07d4_ETBDpIqQ66CWWEfgKJ2cdAuHnfQFO0vPdKqpgrhyB10bftA7T33YqlyRv_rxBAAnZbATJ6DmKwR8P3kQ5BTnAWmAbBFNOvkZ6Jggf6zZ1CIqQjgFs51mPZHyVW8pibYbxP05VHh52Yt9V-OLl08H2d7dUM51LE9vE9_CgZ4Y_7wJcFKwHAv7kl8vMStqGutAJLM4lTsfq-yCbItVe5FWb5oMVb23zM9WZlK1qdcae3ayHwi3gKOtOYRRWtpGH552551QQ3mTzQADlDTBj8D2bd-f4T3yhLiVd6IVx9_wuAgeZpjMGxr9Ra4Hyd6v8pU_IwI87P6Loh9_NNC1dSY1QMASwt6IhpopxzWQywd0qoPg3_G3b0ABzhQNJsmARy_N47fOxkjyuNXtGCl9A-Pc8Fy0OxbZy6KoCaERa4xnFItLsFrDwXvCtaWCWgQF0AHucZTGDxhlaADsSNolDFosSf6X4t6h_Bgk3_zI6vI0ZjpMT9qapzWKt82xm-NwUGoZ5o77JL-0eeM9jtaGfmoVHWYVcsozcbJUrEoro=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=3r0kcZX5XOt2R_--y9alwMvcU84tWiJMZqTxzPaZxB89YgJ2reir6vz0psvnnU_r71skbtnsf8prKOoVD-1zzmFZ8PXLnpwoeD-C-vR5mWWh6DJmb7y0WRz0ZZ2_sBAKtB-gXqHmvE1NG07d4_ETBDpIqQ66CWWEfgKJ2cdAuHnfQFO0vPdKqpgrhyB10bftA7T33YqlyRv_rxBAAnZbATJ6DmKwR8P3kQ5BTnAWmAbBFNOvkZ6Jggf6zZ1CIqQjgFs51mPZHyVW8pibYbxP05VHh52Yt9V-OLl08H2d7dUM51LE9vE9_CgZ4Y_7wJcFKwHAv7kl8vMStqGutAJLM4lTsfq-yCbItVe5FWb5oMVb23zM9WZlK1qdcae3ayHwi3gKOtOYRRWtpGH552551QQ3mTzQADlDTBj8D2bd-f4T3yhLiVd6IVx9_wuAgeZpjMGxr9Ra4Hyd6v8pU_IwI87P6Loh9_NNC1dSY1QMASwt6IhpopxzWQywd0qoPg3_G3b0ABzhQNJsmARy_N47fOxkjyuNXtGCl9A-Pc8Fy0OxbZy6KoCaERa4xnFItLsFrDwXvCtaWCWgQF0AHucZTGDxhlaADsSNolDFosSf6X4t6h_Bgk3_zI6vI0ZjpMT9qapzWKt82xm-NwUGoZ5o77JL-0eeM9jtaGfmoVHWYVcsozcbJUrEoro=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053512ec1841db614f8390401f856b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7f4a5f6742cca99bceac0ad010da7a1a135e5c38f42797fdf2cdd81c8bc676eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=cgXKXm8NhMME4Dy46vuzXxB-ExWDeVtQD1Lmlkg8qJ2aHNcdqgdtrsZLMAlhqerDbnekiwd1uMvI5poaMQWK7WiiVhdGfHm8QCY7aYyfjJY9gNZgcf4KY7eZqpXQL4ZFJZBYK9n20Lko0gc_9faWvaKee07JNFF_lXEjP-WAcKV4S9qQnDvLc6nsZCe42Ybs4p8seHQXMwdol5v1jwckYYy5_3aT0CNSZQM82hlR1oRJVh2HIKkjPQAeadsxms6FbKxM4QHIYoRhjoxaHs5fkn7OP_HZb1ubW2f72tOrNmeGYrf7bjq3ZoJclhOTI_iSolfQc8HTUlJsuNRYYzdAaXzotMycAn3QZAJQTN-4N-ceq0kzxVUP0TDptSnVNtPBG3850gr8H4cDfsE9w5pwasIdUz0mujFsn9eOaPQfLTxR0Kx7_kRrYjeaxi6Z1L_eavLB9GtRg5LowZxOd-Cec5Io3fMHx9i88WM_ZS65qyGSNreTrMnsA7FgfkNIAMhgkkePyl3JSAb-O86Dz3ojfzl0NI4H1nXDIESQ7AwltTlIk8JUYbobX4KMRXlLgHPMPqnmBmSRxTfxcG1Rfs3WfFURd75dWhBgeMkkMi9Q_sT8OIzqmBPrAV9qP0HwBP3CM9zirBu930p62WbWlbn_q0ZtGISopIdLxPMv1Llq7LOdC8wTlBfcZlU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f48d6a611498acf0cfafb962ea21dc0e3ed7b9e6fb5ee962d86e40ea47d330cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=cgXKXm8NhMME4Dy46vuzXxB-ExWDeVtQD1Lmlkg8qJ2aHNcdqgdtrsZLMAlhqerDbnekiwd1uMvI5poaMQWK7WiiVhdGfHm8QCY7aYyfjJY9gNZgcf4KY7eZqpXQL4ZFJZBYK9n20Lko0gc_9faWvaKee07JNFF_lXEjP-WAcKV4S9qQnDvLc6nsZCe42Ybs4p8seHQXMwdol5v1jwckYYy5_3aT0CNSZQM82hlR1oRJVh2HIKkjPQAeadsxms6FbKxM4QHIYoRhjoxaHs5fkn7OP_HZb1ubW2f72tOrNmeGYrf7bjq3ZoJclhOTI_iSolfQc8HTUlJsuNRYYzdAaXzotMycAn3QZAJQTN-4N-ceq0kzxVUP0TDptSnVNtPBG3850gr8H4cDfsE9w5pwasIdUz0mujFsn9eOaPQfLTxR0Kx7_kRrYjeaxi6Z1L_eavLB9GtRg5LowZxOd-Cec5Io3fMHx9i88WM_ZS65qyGSNreTrMnsA7FgfkNIAMhgkkePyl3JSAb-O86Dz3ojfzl0NI4H1nXDIESQ7AwltTlIk8JUYbobX4KMRXlLgHPMPqnmBmSRxTfxcG1Rfs3WfFURd75dWhBgeMkkMi9Q_sT8OIzqmBPrAV9qP0HwBP3CM9zirBu930p62WbWlbn_q0ZtGISopIdLxPMv1Llq7LOdC8wTlBfcZlU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c06332da74d42839cffd29a8f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fb42808c4f59a943d2a9ff3a530852e713e164cb463cc66ad1524a1e7c56b3a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:40 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=oD1zGnDAS9sOPmkvOQjPI1HXyWoNPrB0cQQWJ0-mjVS1b4K9pIeGudLDxJvSTL7G_UgB-hJlp8u0ace-Jv5FWYSOVhysXQxVbdaVUgJ8sTmqRpBuBz__k77Kn9sr6kbsjLvXyGum5jYSxpAPSBqSRTP7epHvZhwpds01oMwGoA6V4ukQoIvUXuWZNAuB_0l4aJgF3DM9WJKegpfJpwZ9kYEM-puJjjSEsylx9I07d7g3bayRCAtwP-d9vWgR5N6weEa8n3Ej6I9k6RHo25MnGgHYZCAS8OSbe27xnbiNPxN_oD4g--M8grOZb6nq01x2nQpg8r6kClnLbzOcL16LO38sLewzbBvAKGz1w7j6Bod6j0Kuu08yQ0AKJ-G8mCISYzSoFOKs9m4SybmN-k3dnvODsg6CQBjwNIPIUyYd_sfZsN7rTfbp0mPn50Yhzb764JUht4c3eba8xOrrFYmC9at5kFWsXSG9Y5qk0lcopWxH1ulCIF1Oh7WBdp4YMETrjb1l1A95KU3u1JPsV69GkFa-TUZRU5Ls0PCUsskU8v_EEHHTL3jM0I9Xk3jXE-qePNN3iYtD1DPwdrlYCe8-mti_QP08vBlKyfh0zF429IR9MGLxLuCLCZgVVFfQCjXEPROCPb3F2wXVs2HAnYWffSff1iVSLT3MsVdhLbBI5r9XkYx8BglKFnk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
100b64006eca9e2f49c52b0edc7a699f9c96f8b12186ce072cad9cd0e8e8f0d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=oD1zGnDAS9sOPmkvOQjPI1HXyWoNPrB0cQQWJ0-mjVS1b4K9pIeGudLDxJvSTL7G_UgB-hJlp8u0ace-Jv5FWYSOVhysXQxVbdaVUgJ8sTmqRpBuBz__k77Kn9sr6kbsjLvXyGum5jYSxpAPSBqSRTP7epHvZhwpds01oMwGoA6V4ukQoIvUXuWZNAuB_0l4aJgF3DM9WJKegpfJpwZ9kYEM-puJjjSEsylx9I07d7g3bayRCAtwP-d9vWgR5N6weEa8n3Ej6I9k6RHo25MnGgHYZCAS8OSbe27xnbiNPxN_oD4g--M8grOZb6nq01x2nQpg8r6kClnLbzOcL16LO38sLewzbBvAKGz1w7j6Bod6j0Kuu08yQ0AKJ-G8mCISYzSoFOKs9m4SybmN-k3dnvODsg6CQBjwNIPIUyYd_sfZsN7rTfbp0mPn50Yhzb764JUht4c3eba8xOrrFYmC9at5kFWsXSG9Y5qk0lcopWxH1ulCIF1Oh7WBdp4YMETrjb1l1A95KU3u1JPsV69GkFa-TUZRU5Ls0PCUsskU8v_EEHHTL3jM0I9Xk3jXE-qePNN3iYtD1DPwdrlYCe8-mti_QP08vBlKyfh0zF429IR9MGLxLuCLCZgVVFfQCjXEPROCPb3F2wXVs2HAnYWffSff1iVSLT3MsVdhLbBI5r9XkYx8BglKFnk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c4385161b66546b28b39d12191&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
17c7aacd22c05360ccca5b417d431dad4c22d9374ab50fa59fd62f966156362a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=XqCA2_U0eruhPJS4lsCbOiQrRocJKms89JzyHRN-RkeK3F70UKCb-Fz6WZOn2ThbOghjSOwMzdhqLD4P5SvFBWXeAAWG_kxoqskvqvnd4P6KXX03Nto16jHD17bJY3shAaakWtCCA0haKsUPRXOu3zNhvDbQPWNBMdWzhe0DD2xbE5GYAR1QPZshDOxTdIEIhmxBQPWAlrGhSFc5wZkBrfmC5iy23JfEYgyZRxV1_k446tOfZ2jy5QlzuMdem5qLpNdaFj1uB-8yQl_wW-MeRLsnXQwbuUqdWvOl1uexQuwHpQHXTN-Iumyf3vQN_J0v-k4fdJVI79PgfqwSHs4XF2oy8opfHqFslldX41x1IhY1lJrKa8RgYAYxPIqWghhtT1y8FlwszIf5gQoQrVwVkdmx83g9tq7nlVpQkrFqM_CDmNQbbE2iNi3Qdj1qNv71n2GN-zFx3DkUp47d0VzI59oLAyx36qU66oX5W2RJ09tPzZ-10CRslddmAIo4h-Npjw6REWy456Sr2dve0RVxxMOloG9VLf4dtXI1ysJelx9tehw0ngNnn61hCuAM8yOEc5BxYKklYjvXwGOzSHxBQdPfVYjy9nCZs6JWP8ZGKju2Pv1VA8hdgjKAzXnGnU17aFVnIF--mROqO4YAZlyWrovSPlVuMGqNWHCGy1CwcLV3V6P2NrX31aU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
be32906d8b736ef01d0325582c9e19e6a8f1c41b406568401ce4f27f8878057c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=XqCA2_U0eruhPJS4lsCbOiQrRocJKms89JzyHRN-RkeK3F70UKCb-Fz6WZOn2ThbOghjSOwMzdhqLD4P5SvFBWXeAAWG_kxoqskvqvnd4P6KXX03Nto16jHD17bJY3shAaakWtCCA0haKsUPRXOu3zNhvDbQPWNBMdWzhe0DD2xbE5GYAR1QPZshDOxTdIEIhmxBQPWAlrGhSFc5wZkBrfmC5iy23JfEYgyZRxV1_k446tOfZ2jy5QlzuMdem5qLpNdaFj1uB-8yQl_wW-MeRLsnXQwbuUqdWvOl1uexQuwHpQHXTN-Iumyf3vQN_J0v-k4fdJVI79PgfqwSHs4XF2oy8opfHqFslldX41x1IhY1lJrKa8RgYAYxPIqWghhtT1y8FlwszIf5gQoQrVwVkdmx83g9tq7nlVpQkrFqM_CDmNQbbE2iNi3Qdj1qNv71n2GN-zFx3DkUp47d0VzI59oLAyx36qU66oX5W2RJ09tPzZ-10CRslddmAIo4h-Npjw6REWy456Sr2dve0RVxxMOloG9VLf4dtXI1ysJelx9tehw0ngNnn61hCuAM8yOEc5BxYKklYjvXwGOzSHxBQdPfVYjy9nCZs6JWP8ZGKju2Pv1VA8hdgjKAzXnGnU17aFVnIF--mROqO4YAZlyWrovSPlVuMGqNWHCGy1CwcLV3V6P2NrX31aU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352caf0c5e4e61476880359ea2d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f2498ab0359a1d3a817ccf8c38f1484e3369bdb12941c6c41db89fbf6d3e9603

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=tszonR7bERTovoebvLy5SdsJpiHzwRSYcUCwyV0QA-IaEtI9yPDGhQy8k0YvtPbPAnrIn9IpCtXVCXFyrQEayXqhOb_PTnWRA8O8MxwrZfvUnf8-IQfwB0-tLlmBY0hqmusZk8dTYVKPuzFDzL4f9OBXQd3h4qwhrf-ShDwgdZ3eb-1iCrmwQOnKOZI5_xIiPQuXNUXD3rqlSHP7hVlwi0rH12K9obROxBRUMShklHfgE112IdvbmalHK24lcSKrYzPyw7NTemeBFvhbX3MXCl8RbNid15N_jQ_6Z3AHghEAUZfaHlVNy52aQNj1fhPwk_m2-Cizu4NJRyN-61zfyJCnUArChtj6fL1IXH-INg9OuqwgHs-3VQRzrfNZ_VG0klnF6iAtb6-BxdP83X5HgwHlH88jvdEhr_VvZjllBAtbPV9-cdJM11N5TVp5WmUTClX5NV472M8Q4IaJNjXo9W-1GCbejBRvWfw3fi7eUemMmCkGLzmRBAeId5TmlsLrQeblo1zNuM3l0BJ6RhKFcPsKcCpX74whjN1JeHEJKCgUAObOOGo1oO9GptJ7Sj6chHMnfJnEjG4hFWvrLpvx_QUPr1JSzdpzSAA6oElHlEBzNa38U_hb_CWaNi9xLZQXJzf-XlTdsefqgH5viPZj1Rsp4yQSsiavkJ6d_bmhoH8mOXNvhupTWoE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2bb58a0907a7c5628492f10bf784d4ee07cddc860f3aab17ea39f20df15ab90c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=tszonR7bERTovoebvLy5SdsJpiHzwRSYcUCwyV0QA-IaEtI9yPDGhQy8k0YvtPbPAnrIn9IpCtXVCXFyrQEayXqhOb_PTnWRA8O8MxwrZfvUnf8-IQfwB0-tLlmBY0hqmusZk8dTYVKPuzFDzL4f9OBXQd3h4qwhrf-ShDwgdZ3eb-1iCrmwQOnKOZI5_xIiPQuXNUXD3rqlSHP7hVlwi0rH12K9obROxBRUMShklHfgE112IdvbmalHK24lcSKrYzPyw7NTemeBFvhbX3MXCl8RbNid15N_jQ_6Z3AHghEAUZfaHlVNy52aQNj1fhPwk_m2-Cizu4NJRyN-61zfyJCnUArChtj6fL1IXH-INg9OuqwgHs-3VQRzrfNZ_VG0klnF6iAtb6-BxdP83X5HgwHlH88jvdEhr_VvZjllBAtbPV9-cdJM11N5TVp5WmUTClX5NV472M8Q4IaJNjXo9W-1GCbejBRvWfw3fi7eUemMmCkGLzmRBAeId5TmlsLrQeblo1zNuM3l0BJ6RhKFcPsKcCpX74whjN1JeHEJKCgUAObOOGo1oO9GptJ7Sj6chHMnfJnEjG4hFWvrLpvx_QUPr1JSzdpzSAA6oElHlEBzNa38U_hb_CWaNi9xLZQXJzf-XlTdsefqgH5viPZj1Rsp4yQSsiavkJ6d_bmhoH8mOXNvhupTWoE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355347d2e0aa6543fbb3b74b3643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
25afac36119a13a80454a42c0f9798e080ba844d48bf97381b5c98274139def3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=khv8dIaFc8VrEMskoiOICHHtJA8fLi7b2d0-_2a0OneRZvW1JiOXvq6XT59sM-DkDWhsKxGnvlDVs1bVTp9vRhj0QfEgujvBetRK2Wxq08wGGuJ2-gOhUI24KzjcTE1sMLb5RZbE2d443Y7cKIh63KXMuSjgXUMs1ay5LGTxuhVrW8Tj4VPGAYZRkfETWIVqsKdVNVxnxEHbkrUqt5i0la43wAEu0K8_1QJC9zHE3KXaqFwrOqo2xBVU0fPFA8jNYJHhk6s95xiV61eWDdHnk2QSLMB8Fydh8na7OMfbvcr_41qMcVJPOS-Qj2IpCCoLgkO4AGvLOrTGlKvpMNSneF_GHpeFaWinRoBmL1VuRPOS44xbCJHSzcPhOm7Kw8G3SVaRzBrHCj-xS06xUzoaD-iHc16NwPR6p6HIVNcFu6CRJizsCn4ehKcEPP15ppuktUxfKtVb8Fy5SW6MPSrfNPXbhzIvyURRzSblXBtHw8kiFc_40usWjT_omwVMSFus6crQWiFMvJ2ieLZr1KiYJXdHadwbST1EJqRVqXM2Khr10f8e_VWDVoG1ZBkiEGjDVK2U0D8Fw7aJB0j59HGbq--HrEz930ntNk-y-iCG-OOx1W5hk8ux_3sz1AcxL4V7pgTTFc5fRRAQnQQSel24NQ_T63x2s7UqyeNaypHdv0D3yuox6TVNfT8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
aafce91d0c96b61acc8e23b4ec17aad531731f108a15494708fafdb7c8a00e80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=khv8dIaFc8VrEMskoiOICHHtJA8fLi7b2d0-_2a0OneRZvW1JiOXvq6XT59sM-DkDWhsKxGnvlDVs1bVTp9vRhj0QfEgujvBetRK2Wxq08wGGuJ2-gOhUI24KzjcTE1sMLb5RZbE2d443Y7cKIh63KXMuSjgXUMs1ay5LGTxuhVrW8Tj4VPGAYZRkfETWIVqsKdVNVxnxEHbkrUqt5i0la43wAEu0K8_1QJC9zHE3KXaqFwrOqo2xBVU0fPFA8jNYJHhk6s95xiV61eWDdHnk2QSLMB8Fydh8na7OMfbvcr_41qMcVJPOS-Qj2IpCCoLgkO4AGvLOrTGlKvpMNSneF_GHpeFaWinRoBmL1VuRPOS44xbCJHSzcPhOm7Kw8G3SVaRzBrHCj-xS06xUzoaD-iHc16NwPR6p6HIVNcFu6CRJizsCn4ehKcEPP15ppuktUxfKtVb8Fy5SW6MPSrfNPXbhzIvyURRzSblXBtHw8kiFc_40usWjT_omwVMSFus6crQWiFMvJ2ieLZr1KiYJXdHadwbST1EJqRVqXM2Khr10f8e_VWDVoG1ZBkiEGjDVK2U0D8Fw7aJB0j59HGbq--HrEz930ntNk-y-iCG-OOx1W5hk8ux_3sz1AcxL4V7pgTTFc5fRRAQnQQSel24NQ_T63x2s7UqyeNaypHdv0D3yuox6TVNfT8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357f841ae3b6474b88a548ac4782&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
53ee52c5f7059ff9fcbabc09551a451f6655b2d1914af12ce2f631a8f7d99df2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:41 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=nkpRW5YA8c7fLg-B797i_KldWMHhJn3mdf6-dYQIpSjWjc_7gHoy7btmZL6_Zfw_HPChNagq-yOWDntaPACb2SfyxMNYRj6Dm7-qNPIefaq9hH6vY7dDPziTRECtWH-B0Mec31a7WA7RW_fxAg5EEG7I43bvzvl2ryHco-Mf53PDWF00Wi14i3vd76UeRpHf-u7j8ltXCjxOboEyEb-TIIxhGqsnW5p42lzaL23v3H5WjB8HxBHwmg08FBq2Qt3q8jZGUI5JBkQT9ECU_JKwFZbz1JgpPAufrVf7QwTG5umFv1nRiq2wMxsGi-vLp_jWDYRynXbvcelVt9XUhrUT0fq0_NC_df9EdiKx3PulSkGj7_WnRg_nrzuJZqqUiXzwvEq5o5bMztMmo2MU2lV6EkCZejHRPOMtrUfPnRcVcogbh3dtbIC54wUFeAffRher1C3p-S_Vqll5H09pVBqTeIKpzymPG4yazeA0gJXOAebSgUCUc7rFccT85nESwHrW7x1wAF8dyc35KA4-jswkuvJfvTK-HmagoqJm30BA82lNMJ7G3tDTsLUS4Eh206Os2AiKkxXZdd6pD5wDRHnjYh4R0U6gL_swGsbUWE7YThzUADkcRNOxas0vwel5NvbeTdY40VC81VYZ0tXhFzTTOxZJd6tpGhxtMmIab_fnEgKoSpBsgvXTfUM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=nkpRW5YA8c7fLg-B797i_KldWMHhJn3mdf6-dYQIpSjWjc_7gHoy7btmZL6_Zfw_HPChNagq-yOWDntaPACb2SfyxMNYRj6Dm7-qNPIefaq9hH6vY7dDPziTRECtWH-B0Mec31a7WA7RW_fxAg5EEG7I43bvzvl2ryHco-Mf53PDWF00Wi14i3vd76UeRpHf-u7j8ltXCjxOboEyEb-TIIxhGqsnW5p42lzaL23v3H5WjB8HxBHwmg08FBq2Qt3q8jZGUI5JBkQT9ECU_JKwFZbz1JgpPAufrVf7QwTG5umFv1nRiq2wMxsGi-vLp_jWDYRynXbvcelVt9XUhrUT0fq0_NC_df9EdiKx3PulSkGj7_WnRg_nrzuJZqqUiXzwvEq5o5bMztMmo2MU2lV6EkCZejHRPOMtrUfPnRcVcogbh3dtbIC54wUFeAffRher1C3p-S_Vqll5H09pVBqTeIKpzymPG4yazeA0gJXOAebSgUCUc7rFccT85nESwHrW7x1wAF8dyc35KA4-jswkuvJfvTK-HmagoqJm30BA82lNMJ7G3tDTsLUS4Eh206Os2AiKkxXZdd6pD5wDRHnjYh4R0U6gL_swGsbUWE7YThzUADkcRNOxas0vwel5NvbeTdY40VC81VYZ0tXhFzTTOxZJd6tpGhxtMmIab_fnEgKoSpBsgvXTfUM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535b785051136d7402a9b0f7764ae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b1611398c5df1ec649dd83113d10d7ad921e1a8d9a19b3e249f2080dac3d678

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=BfKeEEA6wWl_t2dP31lSue3EoLmDQSf1khm6J5kMVxlWD39dsrJ20qoYmDGEmoPUr7bC4w5U69pWZXXUaFwAeouIdVKjOysultqOmlvLuqQV_QdZuTWAp0KKRueLDUK6FdsS6Saen6iD_SNhzkiKKbhGqSHfwcZLiSdi66YkQeQgKzCG2fkYwsXVHMNTftPleCVlKv8yv9u6slwz2MGLPYS6w8YQIXpVZK34exYliWkC3QGNkI3L5jeUL5DEGDev6FonPvfK4DrCDZE9QPTO602aTJQFBEl94dxHM1f5GY3sYUHY5Y9jW8UZ7u3uWO93r0uVbPQGYDqd7MRr7CT9NvkIGjaSoNoqkLOLB80DZJNQWQjeqFKMK1Hz2Dc3OkFSHs4t8a6Fa4qCD4dwO6G3x407iiOh7XCscLfV7u_8FnbEP3Faw5mwVS0yZ5TgxR0RupfXLTQgbwdagoM4tI0Znn4d39Iusf8aT3pzIkXSVe8fCEiNaKGzRxkezRmvG1r7Wzn46a-T4FdVigHPIqYsFgJpZSinD3IPX0-1AQcisE9ZGAfZCI1XIkjigFN_vL-TSjAL7VcST0kexq1hp2y4dHnrrUMLHWXk3Qq5owBJyMk8pNc78px9eBvHwyRLmR7LAjlbcbgT07fem01UZv9I3d_KRizpXIdNK3ilyX2PHdvFmLT5a4f108w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fb4b57e75261144c862d3baaec33b977299d3d2ac33eb9879cc7a11142ebbb77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=BfKeEEA6wWl_t2dP31lSue3EoLmDQSf1khm6J5kMVxlWD39dsrJ20qoYmDGEmoPUr7bC4w5U69pWZXXUaFwAeouIdVKjOysultqOmlvLuqQV_QdZuTWAp0KKRueLDUK6FdsS6Saen6iD_SNhzkiKKbhGqSHfwcZLiSdi66YkQeQgKzCG2fkYwsXVHMNTftPleCVlKv8yv9u6slwz2MGLPYS6w8YQIXpVZK34exYliWkC3QGNkI3L5jeUL5DEGDev6FonPvfK4DrCDZE9QPTO602aTJQFBEl94dxHM1f5GY3sYUHY5Y9jW8UZ7u3uWO93r0uVbPQGYDqd7MRr7CT9NvkIGjaSoNoqkLOLB80DZJNQWQjeqFKMK1Hz2Dc3OkFSHs4t8a6Fa4qCD4dwO6G3x407iiOh7XCscLfV7u_8FnbEP3Faw5mwVS0yZ5TgxR0RupfXLTQgbwdagoM4tI0Znn4d39Iusf8aT3pzIkXSVe8fCEiNaKGzRxkezRmvG1r7Wzn46a-T4FdVigHPIqYsFgJpZSinD3IPX0-1AQcisE9ZGAfZCI1XIkjigFN_vL-TSjAL7VcST0kexq1hp2y4dHnrrUMLHWXk3Qq5owBJyMk8pNc78px9eBvHwyRLmR7LAjlbcbgT07fem01UZv9I3d_KRizpXIdNK3ilyX2PHdvFmLT5a4f108w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=BfKeEEA6wWl_t2dP31lSue3EoLmDQSf1khm6J5kMVxlWD39dsrJ20qoYmDGEmoPUr7bC4w5U69pWZXXUaFwAeouIdVKjOysultqOmlvLuqQV_QdZuTWAp0KKRueLDUK6FdsS6Saen6iD_SNhzkiKKbhGqSHfwcZLiSdi66YkQeQgKzCG2fkYwsXVHMNTftPleCVlKv8yv9u6slwz2MGLPYS6w8YQIXpVZK34exYliWkC3QGNkI3L5jeUL5DEGDev6FonPvfK4DrCDZE9QPTO602aTJQFBEl94dxHM1f5GY3sYUHY5Y9jW8UZ7u3uWO93r0uVbPQGYDqd7MRr7CT9NvkIGjaSoNoqkLOLB80DZJNQWQjeqFKMK1Hz2Dc3OkFSHs4t8a6Fa4qCD4dwO6G3x407iiOh7XCscLfV7u_8FnbEP3Faw5mwVS0yZ5TgxR0RupfXLTQgbwdagoM4tI0Znn4d39Iusf8aT3pzIkXSVe8fCEiNaKGzRxkezRmvG1r7Wzn46a-T4FdVigHPIqYsFgJpZSinD3IPX0-1AQcisE9ZGAfZCI1XIkjigFN_vL-TSjAL7VcST0kexq1hp2y4dHnrrUMLHWXk3Qq5owBJyMk8pNc78px9eBvHwyRLmR7LAjlbcbgT07fem01UZv9I3d_KRizpXIdNK3ilyX2PHdvFmLT5a4f108w=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=BfKeEEA6wWl_t2dP31lSue3EoLmDQSf1khm6J5kMVxlWD39dsrJ20qoYmDGEmoPUr7bC4w5U69pWZXXUaFwAeouIdVKjOysultqOmlvLuqQV_QdZuTWAp0KKRueLDUK6FdsS6Saen6iD_SNhzkiKKbhGqSHfwcZLiSdi66YkQeQgKzCG2fkYwsXVHMNTftPleCVlKv8yv9u6slwz2MGLPYS6w8YQIXpVZK34exYliWkC3QGNkI3L5jeUL5DEGDev6FonPvfK4DrCDZE9QPTO602aTJQFBEl94dxHM1f5GY3sYUHY5Y9jW8UZ7u3uWO93r0uVbPQGYDqd7MRr7CT9NvkIGjaSoNoqkLOLB80DZJNQWQjeqFKMK1Hz2Dc3OkFSHs4t8a6Fa4qCD4dwO6G3x407iiOh7XCscLfV7u_8FnbEP3Faw5mwVS0yZ5TgxR0RupfXLTQgbwdagoM4tI0Znn4d39Iusf8aT3pzIkXSVe8fCEiNaKGzRxkezRmvG1r7Wzn46a-T4FdVigHPIqYsFgJpZSinD3IPX0-1AQcisE9ZGAfZCI1XIkjigFN_vL-TSjAL7VcST0kexq1hp2y4dHnrrUMLHWXk3Qq5owBJyMk8pNc78px9eBvHwyRLmR7LAjlbcbgT07fem01UZv9I3d_KRizpXIdNK3ilyX2PHdvFmLT5a4f108w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e94ff09685524d839ecc251f5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a24a49c9d7c9582841ca9068ebc5b54ed398cfd3d928d12846127a210243abfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=zEdsKWwg7bvrhdowR67G7Z1TJplZRWEw8lNV42eKJen_c_5hNVc8KNt2wkv6hmSEvjG0t9c-YLehbI3nCOBZOuU47Q_SOyZNC__jAcBSq2O8yf8DMLEZG2LxAh4nlT90oDivZMyX6RJZVe5IXPpVrzZGiV-7RDjSnSVMEjW37ipKC2L3ldpOCrJGwFvnT6wbwXLEEcFhcx5tEmiOaRdzDXQdIMF1R6zOfdfIqRA8xaUBkPvKQBld6He_gl_0a4AiCkZjnH57ljsFqYp4RJo7tDZ-XHy0SNMgQAmACG5Ea8G7liaZb_zo4UUlNRvBCs8e7YFcVBfLLRoVnw8vL03khKti8iqgSDFlG3It3kPcZ_N4Jps00PSLca29BC0DxG_9Fv2a5GyDGRWm5q7tZS3nb4Xc_EimqBCTMuWFUB0uiYLHafkvPQV1La6u5dQ8JVnDdG0tld2JBh_0z4s_IYdTK6777Q-BimKVi2q_i0CH_SIBA_lsQg9B1fs5068X0X2hwRjem6uqTxiV_rR8bj4gQDZWpl8MGYX_Xdgdykj1kU5wuHE2tw4ePpooiJ0YknC0MELFYMa2dXwLJbtqUsJCp1x8NKO8Lp665OP-H57ynZH4a5F_wl9CWGdUEHxpuDkiBmGJJoKru3zv1arnG4B-4sg9028qbCszhZA1ohILylxZFPt3vvTl2wk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
679c644a90f6636b6d5ce937d9b905bc2fcdb0126d1f5e4b8f7a1f34a951cb3f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=zEdsKWwg7bvrhdowR67G7Z1TJplZRWEw8lNV42eKJen_c_5hNVc8KNt2wkv6hmSEvjG0t9c-YLehbI3nCOBZOuU47Q_SOyZNC__jAcBSq2O8yf8DMLEZG2LxAh4nlT90oDivZMyX6RJZVe5IXPpVrzZGiV-7RDjSnSVMEjW37ipKC2L3ldpOCrJGwFvnT6wbwXLEEcFhcx5tEmiOaRdzDXQdIMF1R6zOfdfIqRA8xaUBkPvKQBld6He_gl_0a4AiCkZjnH57ljsFqYp4RJo7tDZ-XHy0SNMgQAmACG5Ea8G7liaZb_zo4UUlNRvBCs8e7YFcVBfLLRoVnw8vL03khKti8iqgSDFlG3It3kPcZ_N4Jps00PSLca29BC0DxG_9Fv2a5GyDGRWm5q7tZS3nb4Xc_EimqBCTMuWFUB0uiYLHafkvPQV1La6u5dQ8JVnDdG0tld2JBh_0z4s_IYdTK6777Q-BimKVi2q_i0CH_SIBA_lsQg9B1fs5068X0X2hwRjem6uqTxiV_rR8bj4gQDZWpl8MGYX_Xdgdykj1kU5wuHE2tw4ePpooiJ0YknC0MELFYMa2dXwLJbtqUsJCp1x8NKO8Lp665OP-H57ynZH4a5F_wl9CWGdUEHxpuDkiBmGJJoKru3zv1arnG4B-4sg9028qbCszhZA1ohILylxZFPt3vvTl2wk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605356d7eac86a0a1441591f96427c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2b5e8f37666744673f4da7de8e18d32667859a91677554cd5379b5a149aa889f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=gQBnacnnN-pU0faoZ3YxafRT6YTioH8UMXY-peaBAd9X5AAXP4q7owWGXZ5yua0dNUtwWAKZKlAYnyZd5SooUUUnW9KhI-buB8G9Hb8FyfxPdsBnfzWXNDf3mqVuUMKHlpqnEqcKhlNxJMrG66uyrrMPc265WagV1EUchRrp7bPzPv8p0BzixQkK_X1yFPcKP_R8tCMV3_AmJ5x2YfLnEs2pOSF1MNnLWwxAyCzoy2Q_QE6X5uLtxJHo9qyKuMOnkAQHEevZTog1kPs0qfD8RWb5xLkSiFlSt110MH_0NNixsB1YR-GcLVdZbWIewNn1lOHA5_o6GMLBbennAbIO1kLM2oFV9XvCz9I6O4I_oLLclGTOXLzzeEBRmoVHH5KZPq5_P_MOaNM7miOzkQWUZ7DlW3p4zwon4Yiq6dOUtcxYy-dFLWjR0RtTufvLt48jirrnSexqh0z705oNiA8SJqC7nWyRDk5bkNz81ll-_2ftoSJtj7n7-ZMDCcWMvPG9QTgHqS9qiagcJy5l59yYLKrcwAJegek2UD62L3B2fmG7zGhVHMdVtqGh7-eAWEtzM6K30YnFS3W3q5QDZhiDxYUEXTnDdEUQJiEXY921lq0Erc60O3_FoXqh7DHqpCGrGpznrLTXcE_EQKEMep60bOvBWiU8D714A-YzIT6-V32bktT41yjzRNk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1656eca2f6b0f2dc50bdbc61a874579017d48d2babfcb1bff4936e4bc89fd67a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=gQBnacnnN-pU0faoZ3YxafRT6YTioH8UMXY-peaBAd9X5AAXP4q7owWGXZ5yua0dNUtwWAKZKlAYnyZd5SooUUUnW9KhI-buB8G9Hb8FyfxPdsBnfzWXNDf3mqVuUMKHlpqnEqcKhlNxJMrG66uyrrMPc265WagV1EUchRrp7bPzPv8p0BzixQkK_X1yFPcKP_R8tCMV3_AmJ5x2YfLnEs2pOSF1MNnLWwxAyCzoy2Q_QE6X5uLtxJHo9qyKuMOnkAQHEevZTog1kPs0qfD8RWb5xLkSiFlSt110MH_0NNixsB1YR-GcLVdZbWIewNn1lOHA5_o6GMLBbennAbIO1kLM2oFV9XvCz9I6O4I_oLLclGTOXLzzeEBRmoVHH5KZPq5_P_MOaNM7miOzkQWUZ7DlW3p4zwon4Yiq6dOUtcxYy-dFLWjR0RtTufvLt48jirrnSexqh0z705oNiA8SJqC7nWyRDk5bkNz81ll-_2ftoSJtj7n7-ZMDCcWMvPG9QTgHqS9qiagcJy5l59yYLKrcwAJegek2UD62L3B2fmG7zGhVHMdVtqGh7-eAWEtzM6K30YnFS3W3q5QDZhiDxYUEXTnDdEUQJiEXY921lq0Erc60O3_FoXqh7DHqpCGrGpznrLTXcE_EQKEMep60bOvBWiU8D714A-YzIT6-V32bktT41yjzRNk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535cb676fa5fbdd4cfa9a57421501&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8f897a8b846568733f667626fc95ef971d2dbcc717dfd2f22d95d9cdbf6002d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=Wg0OsmY8pPM10j47yVekPuUIJR1AJ7LgnN7FZmN4SLz3bR9qYNdhoRZh3kJPcVNfofaX6_YvzjdPt2g2RCxbvS-fjrjjXuGSKi5gE2MieGsNzFcQLiruup86j5qD0vi4Vm5Wq3y_4VY2G8N9ceUM1kxldZF24obAtxFM462vekAkZsletzFarogIxAKoiUAJclHJxoN_AwWbIPouFU9IQsDle5KXesBBCLQjXv2xMc4hQs2G06Zr5cJtNwbSJqXV1f1q9zjStJGsLxSEdzyOMT0HNFutpPBMcYWHJ7WUk05m61COzVNXV9pZC54KvU5TatHfz4NI5xCJENWnZXhHuT0yG5nbH5-3368W952cgjZXa2rm4x2zRSLsW3FREXnY2I0eIh-TlTTMQJKJVbpFDiooC0DVAHjjdqnYVIEgA3Objcuj1mSJ2ll8pSAnfnST4ceJAOKEBxiTBh6N61SB9QenmA2yOiAi52fzIFF95yGDTVtYzQflKrm_eK0S7Sl13uhjRMPmImwToSoUbE-xN-Xmpn26YtGy4HAIE_2jQuDvKz03TKQaXUTFQhmH8KPFWCxJfnavf-R9SyoQ2lJKuWA98E4WxKkqTdlbMZvC3FdgtcVn8oEAoy6x522iVByrx6WKtZqwQqXKU1gUFtO6i0JNHuB5yFghvCvxo6FxzSMaMu1l5d9_hQM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
72f42f6d8083ceee6e65aa5d80d0645298f875d0f0c281ce82f5d44756dfae8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=Wg0OsmY8pPM10j47yVekPuUIJR1AJ7LgnN7FZmN4SLz3bR9qYNdhoRZh3kJPcVNfofaX6_YvzjdPt2g2RCxbvS-fjrjjXuGSKi5gE2MieGsNzFcQLiruup86j5qD0vi4Vm5Wq3y_4VY2G8N9ceUM1kxldZF24obAtxFM462vekAkZsletzFarogIxAKoiUAJclHJxoN_AwWbIPouFU9IQsDle5KXesBBCLQjXv2xMc4hQs2G06Zr5cJtNwbSJqXV1f1q9zjStJGsLxSEdzyOMT0HNFutpPBMcYWHJ7WUk05m61COzVNXV9pZC54KvU5TatHfz4NI5xCJENWnZXhHuT0yG5nbH5-3368W952cgjZXa2rm4x2zRSLsW3FREXnY2I0eIh-TlTTMQJKJVbpFDiooC0DVAHjjdqnYVIEgA3Objcuj1mSJ2ll8pSAnfnST4ceJAOKEBxiTBh6N61SB9QenmA2yOiAi52fzIFF95yGDTVtYzQflKrm_eK0S7Sl13uhjRMPmImwToSoUbE-xN-Xmpn26YtGy4HAIE_2jQuDvKz03TKQaXUTFQhmH8KPFWCxJfnavf-R9SyoQ2lJKuWA98E4WxKkqTdlbMZvC3FdgtcVn8oEAoy6x522iVByrx6WKtZqwQqXKU1gUFtO6i0JNHuB5yFghvCvxo6FxzSMaMu1l5d9_hQM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:42 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053548b41d715a40487e97d39f5713&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
21737757cbca9a7da0c19512ba0cd97eb310771628c438ad82c6c86d2b6ab613

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=X2lU1dhqp7mJEXf_dQBXgiRkWvnlaJ2Hoq4stmzqemz2dV0tk-P_V_s9q1XOMD-SfaarVRz6k1ROWvIciLvqsis_sWzTCDxPfpP1BSHGeQ4k5-RPoY2un_C-ZJcc4b4hkA9mG7oVCS3Y_FnfHkjiG9CCdyTTjb2hnLRl0Mu6R-mSPAADsIkfIm1IgqwPsdKQItDDt9k9hDkgsI9g7RNbauBy_CyHl9jc2gTtYsN8kgWMPZnVW41RlhJNcctvWvM9PenKAPAqqoZmL0bBNJYO1ZIKJca8svNNArLGF0POq2iwWqvcPv68Ls-D7fC4k8E2-7jIVIutehvnlKxpu8oKFi6hJuyl97Tpsk1XAveq-jBrJtClBMKg9dqbsU2ie6LLPuUNXVroNJm1xLH0ejRKQAG6W2uaqUMy9yOXItzwiS6SyGvYP_GrM0LUWdPrsefDo1HVKxKHQwW4YHZi1mMFHY5N_VWnJjKkNtwZRzOhp1Cxj27OfRJhFF0TYuMCmOF1taOEDboYVEqk4J-KsKQAShIXsGM8sBAlwlM6R3ZxMikg09jL3QUqcy9FuLpvud_cmhS4GeMvu7uflmDGDInQIfWlHX046_mcLLncVSx4alFvwfr0MdpDi24aAeKusmlAcB2nShF0RLnJTdttzXX7Y0-1LIIUuDkxefZ1hXFegbJ3HfJvbrB0CLA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
544a32bd856929b7d9a0e2dca27441849e5b7abe9c6519752ede8c4d5958c2a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=X2lU1dhqp7mJEXf_dQBXgiRkWvnlaJ2Hoq4stmzqemz2dV0tk-P_V_s9q1XOMD-SfaarVRz6k1ROWvIciLvqsis_sWzTCDxPfpP1BSHGeQ4k5-RPoY2un_C-ZJcc4b4hkA9mG7oVCS3Y_FnfHkjiG9CCdyTTjb2hnLRl0Mu6R-mSPAADsIkfIm1IgqwPsdKQItDDt9k9hDkgsI9g7RNbauBy_CyHl9jc2gTtYsN8kgWMPZnVW41RlhJNcctvWvM9PenKAPAqqoZmL0bBNJYO1ZIKJca8svNNArLGF0POq2iwWqvcPv68Ls-D7fC4k8E2-7jIVIutehvnlKxpu8oKFi6hJuyl97Tpsk1XAveq-jBrJtClBMKg9dqbsU2ie6LLPuUNXVroNJm1xLH0ejRKQAG6W2uaqUMy9yOXItzwiS6SyGvYP_GrM0LUWdPrsefDo1HVKxKHQwW4YHZi1mMFHY5N_VWnJjKkNtwZRzOhp1Cxj27OfRJhFF0TYuMCmOF1taOEDboYVEqk4J-KsKQAShIXsGM8sBAlwlM6R3ZxMikg09jL3QUqcy9FuLpvud_cmhS4GeMvu7uflmDGDInQIfWlHX046_mcLLncVSx4alFvwfr0MdpDi24aAeKusmlAcB2nShF0RLnJTdttzXX7Y0-1LIIUuDkxefZ1hXFegbJ3HfJvbrB0CLA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e7d22e33f1e04423824302f876&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
808ee735f586f047287df8e6c61cf5f492ce66de281bb81d16ae6218945bafa3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=JdgC7Nl53Ov9DaW3CVPi5ExjEqpctmOMynsbDhB-IuszqRMvx5gIJEIL49E7Wd0IlE_o0bh9chDORtw2EbiB1y1bz3EYeNDfGtflCP5Q0tDNHn7ZbIatQz1fNe7uICeCGiJ9NM2vGcDggNwoLwFqRsbJf_EcCdgMiCkkCt1IDjujG1Ku_78N1r6EkGySWYIQvTpuhusoaUIUVTGtfRY_uNgmCUZmi7dJIp-fkdXBfTHbvbzMsA1YlSn1kb2l3S-Rklpus6m09ek7l6MBb_4qWAh4DXB40mY-F0l89Z3iuz47iE2JZ1hsh5NBkaWZNMnrVvFRKbO81TPCAgfcYUQE5S4JB2i23qVNwXzTYxSrzIrVy8kg3PUKU3NI4lQNHnJSS3HGJ-S26c74X2KdWnhzr8LbXf83-EYOH2nF-xRNYNeTEqxD9fHaXueVivr7hQbHHcKB2T5foVWPgEn7loh3M1WTpjrT8xbtcOeiZy-3XfolARFNoVDRfxprGTwnr70vFKroByIylInerzdmg8crzvcTCFIB6fE7eYveuGXTYBK2SUnAnwbC9x3rSbY0Aw-MIdX3jCY9-ihcLRzVQdktRVvW34saDG5QlktTzjqoIpAvrn5mPs5Qjuec-BOSe1oqROwS_665qf_VLkhU5_vSRI2GQm2IY3AWXXLe7Bwm-mcahlBio4cgj84=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
30901c979ab4d790031d42207b0ced9dd41ee23294f3d46050b12ea1d9555a06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=JdgC7Nl53Ov9DaW3CVPi5ExjEqpctmOMynsbDhB-IuszqRMvx5gIJEIL49E7Wd0IlE_o0bh9chDORtw2EbiB1y1bz3EYeNDfGtflCP5Q0tDNHn7ZbIatQz1fNe7uICeCGiJ9NM2vGcDggNwoLwFqRsbJf_EcCdgMiCkkCt1IDjujG1Ku_78N1r6EkGySWYIQvTpuhusoaUIUVTGtfRY_uNgmCUZmi7dJIp-fkdXBfTHbvbzMsA1YlSn1kb2l3S-Rklpus6m09ek7l6MBb_4qWAh4DXB40mY-F0l89Z3iuz47iE2JZ1hsh5NBkaWZNMnrVvFRKbO81TPCAgfcYUQE5S4JB2i23qVNwXzTYxSrzIrVy8kg3PUKU3NI4lQNHnJSS3HGJ-S26c74X2KdWnhzr8LbXf83-EYOH2nF-xRNYNeTEqxD9fHaXueVivr7hQbHHcKB2T5foVWPgEn7loh3M1WTpjrT8xbtcOeiZy-3XfolARFNoVDRfxprGTwnr70vFKroByIylInerzdmg8crzvcTCFIB6fE7eYveuGXTYBK2SUnAnwbC9x3rSbY0Aw-MIdX3jCY9-ihcLRzVQdktRVvW34saDG5QlktTzjqoIpAvrn5mPs5Qjuec-BOSe1oqROwS_665qf_VLkhU5_vSRI2GQm2IY3AWXXLe7Bwm-mcahlBio4cgj84=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=JdgC7Nl53Ov9DaW3CVPi5ExjEqpctmOMynsbDhB-IuszqRMvx5gIJEIL49E7Wd0IlE_o0bh9chDORtw2EbiB1y1bz3EYeNDfGtflCP5Q0tDNHn7ZbIatQz1fNe7uICeCGiJ9NM2vGcDggNwoLwFqRsbJf_EcCdgMiCkkCt1IDjujG1Ku_78N1r6EkGySWYIQvTpuhusoaUIUVTGtfRY_uNgmCUZmi7dJIp-fkdXBfTHbvbzMsA1YlSn1kb2l3S-Rklpus6m09ek7l6MBb_4qWAh4DXB40mY-F0l89Z3iuz47iE2JZ1hsh5NBkaWZNMnrVvFRKbO81TPCAgfcYUQE5S4JB2i23qVNwXzTYxSrzIrVy8kg3PUKU3NI4lQNHnJSS3HGJ-S26c74X2KdWnhzr8LbXf83-EYOH2nF-xRNYNeTEqxD9fHaXueVivr7hQbHHcKB2T5foVWPgEn7loh3M1WTpjrT8xbtcOeiZy-3XfolARFNoVDRfxprGTwnr70vFKroByIylInerzdmg8crzvcTCFIB6fE7eYveuGXTYBK2SUnAnwbC9x3rSbY0Aw-MIdX3jCY9-ihcLRzVQdktRVvW34saDG5QlktTzjqoIpAvrn5mPs5Qjuec-BOSe1oqROwS_665qf_VLkhU5_vSRI2GQm2IY3AWXXLe7Bwm-mcahlBio4cgj84=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=JdgC7Nl53Ov9DaW3CVPi5ExjEqpctmOMynsbDhB-IuszqRMvx5gIJEIL49E7Wd0IlE_o0bh9chDORtw2EbiB1y1bz3EYeNDfGtflCP5Q0tDNHn7ZbIatQz1fNe7uICeCGiJ9NM2vGcDggNwoLwFqRsbJf_EcCdgMiCkkCt1IDjujG1Ku_78N1r6EkGySWYIQvTpuhusoaUIUVTGtfRY_uNgmCUZmi7dJIp-fkdXBfTHbvbzMsA1YlSn1kb2l3S-Rklpus6m09ek7l6MBb_4qWAh4DXB40mY-F0l89Z3iuz47iE2JZ1hsh5NBkaWZNMnrVvFRKbO81TPCAgfcYUQE5S4JB2i23qVNwXzTYxSrzIrVy8kg3PUKU3NI4lQNHnJSS3HGJ-S26c74X2KdWnhzr8LbXf83-EYOH2nF-xRNYNeTEqxD9fHaXueVivr7hQbHHcKB2T5foVWPgEn7loh3M1WTpjrT8xbtcOeiZy-3XfolARFNoVDRfxprGTwnr70vFKroByIylInerzdmg8crzvcTCFIB6fE7eYveuGXTYBK2SUnAnwbC9x3rSbY0Aw-MIdX3jCY9-ihcLRzVQdktRVvW34saDG5QlktTzjqoIpAvrn5mPs5Qjuec-BOSe1oqROwS_665qf_VLkhU5_vSRI2GQm2IY3AWXXLe7Bwm-mcahlBio4cgj84=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535bb4e10e3b5d9402b9f2b9f2584&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b14ac19e8d87f503f8dea1c1af2a30787371e77257133deeff2f4a19d297077f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=4jM__Y1mG-PghFqci_QN4Cq9q0wrv-pl49JmKwknFN3UApsCfgwSzDg7VOroImfscrySCTeRDc0kXL18LhYpufMCSvJpKTVErtzvfvFKtLb1Gw5jBxtjrkv9s85P7E6Vm9LabhbULw_UQkxB9jf5SIkHq35WQ1KgMODVegkgMH066VKBZrrlIcNyp39ilcK0Awszg3dU7kJzpyZT7R0jXhiTpRq7EZ8TkjOlAkjAoct6G3OloGSUI7LiY6N12x5HQxMVuSNrNYZipe3ypC3W0lgNUPYjhjoqD3QEncKfKYNgflQ5Ihz_Oq-85ClUHRRldqP06cVGWmjLHbGeJmiq0MECX-rQWM2SEYA15pUNp7y3horGSeU4tXe4yEeCnZqGZEjh5eNfy8mCkq9dznH5uGBBd-e-klYLZmkDijl3oQh82doz3q750kF8_kMFREiG8o1klNGJlJblDYIa546-flHrpHan7l13jyk-W-mNnDDGYmZSPEApgjDxONFm100SRuwkU2cGBk66DMAjtnqZhS6jMcBRbxzQETMZ_dmv3WdBmJrUPIswVgbbwB99g9Q6q8WvgRLVXKApPmQsHt3MYsgd5-gIwIqTr2AEIbRIg41ZBgKWu2nvB3XJusGj5jyfX7zkE80zUKNdXy8PDA8TedsQHjTuUuU6yrxAuuf0WpKM3rLy5qGyCso=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2ed6e8fb1b20379ef00e7b519f096c3d29e8baea4284e911dfd01b0910bbe61a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=4jM__Y1mG-PghFqci_QN4Cq9q0wrv-pl49JmKwknFN3UApsCfgwSzDg7VOroImfscrySCTeRDc0kXL18LhYpufMCSvJpKTVErtzvfvFKtLb1Gw5jBxtjrkv9s85P7E6Vm9LabhbULw_UQkxB9jf5SIkHq35WQ1KgMODVegkgMH066VKBZrrlIcNyp39ilcK0Awszg3dU7kJzpyZT7R0jXhiTpRq7EZ8TkjOlAkjAoct6G3OloGSUI7LiY6N12x5HQxMVuSNrNYZipe3ypC3W0lgNUPYjhjoqD3QEncKfKYNgflQ5Ihz_Oq-85ClUHRRldqP06cVGWmjLHbGeJmiq0MECX-rQWM2SEYA15pUNp7y3horGSeU4tXe4yEeCnZqGZEjh5eNfy8mCkq9dznH5uGBBd-e-klYLZmkDijl3oQh82doz3q750kF8_kMFREiG8o1klNGJlJblDYIa546-flHrpHan7l13jyk-W-mNnDDGYmZSPEApgjDxONFm100SRuwkU2cGBk66DMAjtnqZhS6jMcBRbxzQETMZ_dmv3WdBmJrUPIswVgbbwB99g9Q6q8WvgRLVXKApPmQsHt3MYsgd5-gIwIqTr2AEIbRIg41ZBgKWu2nvB3XJusGj5jyfX7zkE80zUKNdXy8PDA8TedsQHjTuUuU6yrxAuuf0WpKM3rLy5qGyCso=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351c679654d906488c9d9ae3389f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
78b99f75212aee90dc9c3ef7250065708c2595ab5a46c068c81fcd40c8a1e226

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=utZPFbaI8b-RTExNoULgIuBIlMXaxYuk_l3WWVVVm4qFvtDbfj312gQiSTDAKGoEZdCKMRc-zcyfAeYVm57X2prGrMPESkwQ5Wkhzzo_wdnqoClO0rNejK97okeQqT1SoXdLQhryDF05gd4f-OOontiYkSrHdGnyFmMxvmZzjq20l1u80ZoYFvD7JltTRtzw3OKxG_pG3ubkafvlCmm_Fw1VtouLKxu_v3nYHEA8K3AwAjBA7N16x0r8UeIbLT7Vafw6GRZHUi5ymVDz01Ja4Pv2hCOMNOd8WuY5_4n42vNdI_TFLVX6bLn7jw-aVlhHiMKUxsUj6LyUqQW7hUrUxWj29xWjL33tJ9fLqgP-l46VUXKV6LewdQ7YxpaxCozCquDsHd465g9VH-IA4FF1lainoSfi3Cid2tqz9cZxggyflp__8o5yVuX0ro-GNe4h3NNcCJVgNXo39iEkn7-fDQR0-wWsrj4KwpDB4peVXiqvX9ann43gsgdPLLEoN6LGmXXbfQMHuKGIfE8zmRFKbE6kCFyLRQ1Y6PACrUy-3_UjQPtGpCz3rtZ4X0PqZBxF1Y6Ts0YnOmBM2wFL5j82l2FEx149I6nVL9_gqMchH5vI7mFKCNF9juRHQgsF6rpriU1hewKZwHqzKpmLTE--rgDXmtKdt2jQ5MdUTj9UyuIi3_VrxmJ-dNU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0e6ee9a13e1967f15f1f330e0c4c238d8f61efea150a1c8aa10e022d8e1e51ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=utZPFbaI8b-RTExNoULgIuBIlMXaxYuk_l3WWVVVm4qFvtDbfj312gQiSTDAKGoEZdCKMRc-zcyfAeYVm57X2prGrMPESkwQ5Wkhzzo_wdnqoClO0rNejK97okeQqT1SoXdLQhryDF05gd4f-OOontiYkSrHdGnyFmMxvmZzjq20l1u80ZoYFvD7JltTRtzw3OKxG_pG3ubkafvlCmm_Fw1VtouLKxu_v3nYHEA8K3AwAjBA7N16x0r8UeIbLT7Vafw6GRZHUi5ymVDz01Ja4Pv2hCOMNOd8WuY5_4n42vNdI_TFLVX6bLn7jw-aVlhHiMKUxsUj6LyUqQW7hUrUxWj29xWjL33tJ9fLqgP-l46VUXKV6LewdQ7YxpaxCozCquDsHd465g9VH-IA4FF1lainoSfi3Cid2tqz9cZxggyflp__8o5yVuX0ro-GNe4h3NNcCJVgNXo39iEkn7-fDQR0-wWsrj4KwpDB4peVXiqvX9ann43gsgdPLLEoN6LGmXXbfQMHuKGIfE8zmRFKbE6kCFyLRQ1Y6PACrUy-3_UjQPtGpCz3rtZ4X0PqZBxF1Y6Ts0YnOmBM2wFL5j82l2FEx149I6nVL9_gqMchH5vI7mFKCNF9juRHQgsF6rpriU1hewKZwHqzKpmLTE--rgDXmtKdt2jQ5MdUTj9UyuIi3_VrxmJ-dNU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:43 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d5c26209ad614b0da94fa340b5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c877251b2f52c851f92521f88fa0a85f1c6884ff63fc8829f85d3990d203a0ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=YB7GUzSEX-jv2Tgb-UM6EiMScqhDTSOXcye8hp3pQuvEhyTpTBOJ3lqnflGQMAYMfZClBi6KcVxs78jcXQehconWSwGya-He2Ao8mdoXSfVfar27fnTmkAOFyBCwakamIrWntqTNvrDlGf574q59Zf5zORqVRWddN5jwKOkfKxIaNm0AmDnwtak0AcvpfP78cjdmYlT6TU8T4oxsGV6u5T7-sedNz9CB8omGuzmeEyDjkA4PhS7TaqoLGwyElmWEA5EpOGYHUo0BExgf5RHJirdG4P3Cr69ELlWVkHAUJDQe72v7kmuQrjbAeEbDraJ_hXna_3DZC6-RRz_B3jQAINrojycL1OSitq4ajBvi0CpEF3Y1XhvEcxV7DyI7ujopVsC0wuZ1-bxeHsvOKbnqj8I2akmdN0m23psy9KmZVlWc-PwC9OWBljRtCrgXkZN5Vd5SZFJ4wnuFuOHLxdR2BWvxnbUrEKE6voOnh4XMc928H-itCVXdxPCD4Jkxwlrn_AYDY37l2VmwS5ZpNGO8vGzg0nMiaocVUuH7lw-LxGt9lr4P3QyvyIy6c382AoBBvjTcNhXf0ZPB4_RoMlIEzb4oQL42zJuDGUvgtEF9ghelsJyILpXKfxtuqXk6vOZmNMm3LWRfnfMabTuQmGiY1Fa0SDHwvcmGz7xm3WBkG0GrjatOBpwX5ak=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
25a32cd78fd679c14fd7d6e86fae41c2a37d565875f141c5eaf0b305772e97de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=YB7GUzSEX-jv2Tgb-UM6EiMScqhDTSOXcye8hp3pQuvEhyTpTBOJ3lqnflGQMAYMfZClBi6KcVxs78jcXQehconWSwGya-He2Ao8mdoXSfVfar27fnTmkAOFyBCwakamIrWntqTNvrDlGf574q59Zf5zORqVRWddN5jwKOkfKxIaNm0AmDnwtak0AcvpfP78cjdmYlT6TU8T4oxsGV6u5T7-sedNz9CB8omGuzmeEyDjkA4PhS7TaqoLGwyElmWEA5EpOGYHUo0BExgf5RHJirdG4P3Cr69ELlWVkHAUJDQe72v7kmuQrjbAeEbDraJ_hXna_3DZC6-RRz_B3jQAINrojycL1OSitq4ajBvi0CpEF3Y1XhvEcxV7DyI7ujopVsC0wuZ1-bxeHsvOKbnqj8I2akmdN0m23psy9KmZVlWc-PwC9OWBljRtCrgXkZN5Vd5SZFJ4wnuFuOHLxdR2BWvxnbUrEKE6voOnh4XMc928H-itCVXdxPCD4Jkxwlrn_AYDY37l2VmwS5ZpNGO8vGzg0nMiaocVUuH7lw-LxGt9lr4P3QyvyIy6c382AoBBvjTcNhXf0ZPB4_RoMlIEzb4oQL42zJuDGUvgtEF9ghelsJyILpXKfxtuqXk6vOZmNMm3LWRfnfMabTuQmGiY1Fa0SDHwvcmGz7xm3WBkG0GrjatOBpwX5ak=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=YB7GUzSEX-jv2Tgb-UM6EiMScqhDTSOXcye8hp3pQuvEhyTpTBOJ3lqnflGQMAYMfZClBi6KcVxs78jcXQehconWSwGya-He2Ao8mdoXSfVfar27fnTmkAOFyBCwakamIrWntqTNvrDlGf574q59Zf5zORqVRWddN5jwKOkfKxIaNm0AmDnwtak0AcvpfP78cjdmYlT6TU8T4oxsGV6u5T7-sedNz9CB8omGuzmeEyDjkA4PhS7TaqoLGwyElmWEA5EpOGYHUo0BExgf5RHJirdG4P3Cr69ELlWVkHAUJDQe72v7kmuQrjbAeEbDraJ_hXna_3DZC6-RRz_B3jQAINrojycL1OSitq4ajBvi0CpEF3Y1XhvEcxV7DyI7ujopVsC0wuZ1-bxeHsvOKbnqj8I2akmdN0m23psy9KmZVlWc-PwC9OWBljRtCrgXkZN5Vd5SZFJ4wnuFuOHLxdR2BWvxnbUrEKE6voOnh4XMc928H-itCVXdxPCD4Jkxwlrn_AYDY37l2VmwS5ZpNGO8vGzg0nMiaocVUuH7lw-LxGt9lr4P3QyvyIy6c382AoBBvjTcNhXf0ZPB4_RoMlIEzb4oQL42zJuDGUvgtEF9ghelsJyILpXKfxtuqXk6vOZmNMm3LWRfnfMabTuQmGiY1Fa0SDHwvcmGz7xm3WBkG0GrjatOBpwX5ak=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=YB7GUzSEX-jv2Tgb-UM6EiMScqhDTSOXcye8hp3pQuvEhyTpTBOJ3lqnflGQMAYMfZClBi6KcVxs78jcXQehconWSwGya-He2Ao8mdoXSfVfar27fnTmkAOFyBCwakamIrWntqTNvrDlGf574q59Zf5zORqVRWddN5jwKOkfKxIaNm0AmDnwtak0AcvpfP78cjdmYlT6TU8T4oxsGV6u5T7-sedNz9CB8omGuzmeEyDjkA4PhS7TaqoLGwyElmWEA5EpOGYHUo0BExgf5RHJirdG4P3Cr69ELlWVkHAUJDQe72v7kmuQrjbAeEbDraJ_hXna_3DZC6-RRz_B3jQAINrojycL1OSitq4ajBvi0CpEF3Y1XhvEcxV7DyI7ujopVsC0wuZ1-bxeHsvOKbnqj8I2akmdN0m23psy9KmZVlWc-PwC9OWBljRtCrgXkZN5Vd5SZFJ4wnuFuOHLxdR2BWvxnbUrEKE6voOnh4XMc928H-itCVXdxPCD4Jkxwlrn_AYDY37l2VmwS5ZpNGO8vGzg0nMiaocVUuH7lw-LxGt9lr4P3QyvyIy6c382AoBBvjTcNhXf0ZPB4_RoMlIEzb4oQL42zJuDGUvgtEF9ghelsJyILpXKfxtuqXk6vOZmNMm3LWRfnfMabTuQmGiY1Fa0SDHwvcmGz7xm3WBkG0GrjatOBpwX5ak=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535304ec22ec9ce437cab2b3eee7a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
182a7888e74427e4f7e4cde73c0f5310d614769762ab81d8a97f25a92fc90e54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=8i0agx8C7eF-Vj2qqofc1CU68ZRGFhEpWtJ7AfquqeIgPFJhN7SSb48IYCJldvifbK0wl3XSCMgVw8focG3vNn93ghm7sDRQRllDtmVdSwKuzfkC_deyVMTdls01GuhbIcVfB3ZRHat41_WqLrjCamBjwrVYf146-IWz9T9UY4HZU8qipvgdlGM8w4EkQckRKYQoCnEOR8xD-PjB6VPzjTABRpz664T392PmteSoxZyfhuhHqmHn2Vhws1J2htNE3fhA5GKi97SHUgpDajCTkvnea0lw7u033i1IpptD5FyrS1NlKkSIUdJIzRCf9x5NOlviHQfQIOnYn3PKhg6kemPMs5yB8Glagz8FCBuLe75TlVTqD-HRRU8vpwr265nv1R6RWwDqkSppgYFZRTFcBo3onVUzDvBPEfrSCqzbAZt-jIirkfcJaiWWwMZ7WpvpMq3-8jbNLQxc2YGILk786IW7yNHd-haQShlizTyEPO2OwrA7ne-m5X6OrNbZkRpP9Ezhr8Gh1EElvkUPbSPT1ldWbYHncs2riaLbAZcGH9vRJZyNNKkG4IW9nB-BvdcB6_Hz3XyMcWx0oZCVTzimUJfLdtVb_XjVhx80CduXMGtNxBfwgRRPwS2tHQ7myDyr4t1iXW1o-3_EfaXeEwavb-nufEsHNztR-vZuhwV5-_sDdQW160ojFCQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
89883b10008715cb80a300c1b8cbdb25f69510957265a4c47594568428a8d55b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=8i0agx8C7eF-Vj2qqofc1CU68ZRGFhEpWtJ7AfquqeIgPFJhN7SSb48IYCJldvifbK0wl3XSCMgVw8focG3vNn93ghm7sDRQRllDtmVdSwKuzfkC_deyVMTdls01GuhbIcVfB3ZRHat41_WqLrjCamBjwrVYf146-IWz9T9UY4HZU8qipvgdlGM8w4EkQckRKYQoCnEOR8xD-PjB6VPzjTABRpz664T392PmteSoxZyfhuhHqmHn2Vhws1J2htNE3fhA5GKi97SHUgpDajCTkvnea0lw7u033i1IpptD5FyrS1NlKkSIUdJIzRCf9x5NOlviHQfQIOnYn3PKhg6kemPMs5yB8Glagz8FCBuLe75TlVTqD-HRRU8vpwr265nv1R6RWwDqkSppgYFZRTFcBo3onVUzDvBPEfrSCqzbAZt-jIirkfcJaiWWwMZ7WpvpMq3-8jbNLQxc2YGILk786IW7yNHd-haQShlizTyEPO2OwrA7ne-m5X6OrNbZkRpP9Ezhr8Gh1EElvkUPbSPT1ldWbYHncs2riaLbAZcGH9vRJZyNNKkG4IW9nB-BvdcB6_Hz3XyMcWx0oZCVTzimUJfLdtVb_XjVhx80CduXMGtNxBfwgRRPwS2tHQ7myDyr4t1iXW1o-3_EfaXeEwavb-nufEsHNztR-vZuhwV5-_sDdQW160ojFCQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c5bc9631db4a4001a2cfcc9467&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1c2136c8b165ea3a1467f1ec5e3b752656e163e2db367c6a497e7fcbf0aab687

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=oLuyTS2kvPhCUYJfT1RfDRY6CIe6ONj0mv334kMqurlyBLByLne-_mlaN7e1mEYCqlLwY6OXDnzvka1mqXh86NOO2qPnrep4tEmMDwcVnayt-PpIcpNJJXqnPxzuqUNBSdL4PSEgGzyzHyEApw6ko7d3Sg7VumaG4bm-WS7YTqfxLAIn57Sg6V4Jx6CbGDLs2OYAqu01TV0VcThavRTmDhwxRaIFVsES3NhXhqYvM9TQRsNz9fY8vddKtiMGWtqY2iSXas3CIOnouIeKWn8lccMZrdi-FkZcusS-VMkVon5KMCuUTjCnQktCxP6h298-ME2TRhAZ11I4L4Hep9DtzE4M2Mpu5DkBb1C3UkCbILPREWw4NBODzKqAVP8bsj_kj1IG_QMdPLnRdyYfGEEj6ZpOPOqUgtxQh47X0LKDjiPJL4w1j2yx829Dk9gRguZJ2xovB6G0RtV1zfW8ZGqYuKzIF0JFEWjD_RukpJVQCaIi9xTHANFTBuhwKdMWiIE_nfikyiA8440WIW_BI9tvXyDZAWDqWWY4_nY4s7TGjYTy6Fa7jVfwn3XS2SqEZFAujo8K4hSuNmFFuZboiYy_zlHtD6WjGPWtrJSgy9D4zkOhwPCGhamHCrQ5DNGjbMD_Wv8xHbQtTd_KOIvGfzYeh6-kPhBaWHM4zZiHptvs-ZSw4TmRnWelNwU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4acede80d78fe094f087f089a21e5944fec176d79fae9b2a009bed150df69b26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=oLuyTS2kvPhCUYJfT1RfDRY6CIe6ONj0mv334kMqurlyBLByLne-_mlaN7e1mEYCqlLwY6OXDnzvka1mqXh86NOO2qPnrep4tEmMDwcVnayt-PpIcpNJJXqnPxzuqUNBSdL4PSEgGzyzHyEApw6ko7d3Sg7VumaG4bm-WS7YTqfxLAIn57Sg6V4Jx6CbGDLs2OYAqu01TV0VcThavRTmDhwxRaIFVsES3NhXhqYvM9TQRsNz9fY8vddKtiMGWtqY2iSXas3CIOnouIeKWn8lccMZrdi-FkZcusS-VMkVon5KMCuUTjCnQktCxP6h298-ME2TRhAZ11I4L4Hep9DtzE4M2Mpu5DkBb1C3UkCbILPREWw4NBODzKqAVP8bsj_kj1IG_QMdPLnRdyYfGEEj6ZpOPOqUgtxQh47X0LKDjiPJL4w1j2yx829Dk9gRguZJ2xovB6G0RtV1zfW8ZGqYuKzIF0JFEWjD_RukpJVQCaIi9xTHANFTBuhwKdMWiIE_nfikyiA8440WIW_BI9tvXyDZAWDqWWY4_nY4s7TGjYTy6Fa7jVfwn3XS2SqEZFAujo8K4hSuNmFFuZboiYy_zlHtD6WjGPWtrJSgy9D4zkOhwPCGhamHCrQ5DNGjbMD_Wv8xHbQtTd_KOIvGfzYeh6-kPhBaWHM4zZiHptvs-ZSw4TmRnWelNwU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605353e929ec3965943e9a575818141&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
dd01114994e98a9311ac7b936dc854bcdb8f3094460213968519cbb0011bf1c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=2WTagKyMqru81qXyjnK3mx5EIaDn5YAPRZhrdOlCYY0UbnSic3fscRJLsLyY09cSSwqrKe-kbSU2D317d_wPXzKa1m42a3-bBW-2_g9lEKIT57r582Bzn1vE_cAy3xo1uPE2nLCAZeg4UGeihYOWKZFi4G665Bio29IybM2K0bfVV7gZOXI6iMH4fOLeP0AToZYaM8164OyHzpcv5kMWaAOrE9dVstaV68_XpimtUFSSFr0GhWo0ysx3YCf9AJ6jlwyNsELxlvhSoxWdrFBWOUevXISYXex8DzeAHzHzpPsgpw743cNgmKg1eqDOdmSTQmvIrNhphWcCHtW_JA4NRurKbDl32xlbj342wE6U_UUUDAhM-L6S_kGAi0Pcn7B5US8U9udQGrnHrrq4C0T66XDMsNaDN8pC6aipHqpKexeV12CJicqHgZNr4AO4JbG0BIM4SGJ5RZb6MqWa3KKCIPDwz5nBEDpbiUHWATFLN5gbRDA8MWcO8Wkx2ULdBcshIsCsC_lvOkNMbqetddvLhvfVVgKsfyr8m6W1k0Pwg956gA0WS5zxxFaUC86Exm_PNOJ-r6Oa8g5CzcWIqYKHKYj8B6u5WjdDxnd8wMU2SjVHLjc7h1pSnxnVP3n6dLLl1DTpAxENxUoLuNa_ZbLCQzWlyLjXRmmjfUwYJV8gppsO1H2wCYe16vc=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8225ff3ba4dae396e6c6848efacb243d12345f0e961799e36815a288c5ba698c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=2WTagKyMqru81qXyjnK3mx5EIaDn5YAPRZhrdOlCYY0UbnSic3fscRJLsLyY09cSSwqrKe-kbSU2D317d_wPXzKa1m42a3-bBW-2_g9lEKIT57r582Bzn1vE_cAy3xo1uPE2nLCAZeg4UGeihYOWKZFi4G665Bio29IybM2K0bfVV7gZOXI6iMH4fOLeP0AToZYaM8164OyHzpcv5kMWaAOrE9dVstaV68_XpimtUFSSFr0GhWo0ysx3YCf9AJ6jlwyNsELxlvhSoxWdrFBWOUevXISYXex8DzeAHzHzpPsgpw743cNgmKg1eqDOdmSTQmvIrNhphWcCHtW_JA4NRurKbDl32xlbj342wE6U_UUUDAhM-L6S_kGAi0Pcn7B5US8U9udQGrnHrrq4C0T66XDMsNaDN8pC6aipHqpKexeV12CJicqHgZNr4AO4JbG0BIM4SGJ5RZb6MqWa3KKCIPDwz5nBEDpbiUHWATFLN5gbRDA8MWcO8Wkx2ULdBcshIsCsC_lvOkNMbqetddvLhvfVVgKsfyr8m6W1k0Pwg956gA0WS5zxxFaUC86Exm_PNOJ-r6Oa8g5CzcWIqYKHKYj8B6u5WjdDxnd8wMU2SjVHLjc7h1pSnxnVP3n6dLLl1DTpAxENxUoLuNa_ZbLCQzWlyLjXRmmjfUwYJV8gppsO1H2wCYe16vc=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535400e63d73474452a9ef0c38cde&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
78627ae0c1ae4a42a6d5f167caade09e551c567a7185fc31b76ef21106dee8a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:44 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=QG3iGgE4XbT8OpcGPFPsA5-W-gVv2eOWlkejG28GvlhxBZK7g7kTbBEJ9dU0tklh82ilSvgVGzpp-8yG6cUD-wYhnX7MaKC9XRGRZL7sMCs6mDWSoudMOIwoZOCgxnCpDM6UoOQsI1ecm-_2P8OXWv-s5unk6SI-LYYtVRIDk9tit4ptCss4-aO-fZMq6JE3JjkWxnzASteO93vi6F2Zn2zEotAnKF6OV9Dq3X2nmC5414XHz9NtMLDrpwovRjHJ8xkJ4PzZheGe4LEstgqM4P2Od_PvG3BUFs8iAdWItyYp_INh1U2_VFez4K04vv1F-EnEA8X0v4iWek-aM9LwI4ikrmDG-gO7Wj-g24HjSjAS0WmWgcBf9ndICLrZwbFPc0Stv95OTq7u1aD93KiL5RkYQPSk_3wust5FdWz2Y_92wWwMNxQHrL6-LG30OFk3w4XfR3FmijymasUFY2oJFFFwsfF-xA_MzHRUhb1-Ij3DNXIxGyeQI3VgpPOq0WQRDmiqhuYPJQcwmcIANqDCM6QVZbNIp7D3BPe0lpmQKojGHoLcT-KwWljvMJWAWkHEkdEe4AQlxh0WOrTRYZNSGcFiq_tUvCpj0L6kYEKbZI3UiF4BQ4ZwQCXUScVZ65XPmyK-mxNgp-kzcXfC0hAO9pNmg4bHeYDC_ZHbXnpvXJBGZkTyuFe3VQQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
05665dc701b707050eb46b5bb997749ad5d6f2085b8b82961bbfdd2273ca04df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=QG3iGgE4XbT8OpcGPFPsA5-W-gVv2eOWlkejG28GvlhxBZK7g7kTbBEJ9dU0tklh82ilSvgVGzpp-8yG6cUD-wYhnX7MaKC9XRGRZL7sMCs6mDWSoudMOIwoZOCgxnCpDM6UoOQsI1ecm-_2P8OXWv-s5unk6SI-LYYtVRIDk9tit4ptCss4-aO-fZMq6JE3JjkWxnzASteO93vi6F2Zn2zEotAnKF6OV9Dq3X2nmC5414XHz9NtMLDrpwovRjHJ8xkJ4PzZheGe4LEstgqM4P2Od_PvG3BUFs8iAdWItyYp_INh1U2_VFez4K04vv1F-EnEA8X0v4iWek-aM9LwI4ikrmDG-gO7Wj-g24HjSjAS0WmWgcBf9ndICLrZwbFPc0Stv95OTq7u1aD93KiL5RkYQPSk_3wust5FdWz2Y_92wWwMNxQHrL6-LG30OFk3w4XfR3FmijymasUFY2oJFFFwsfF-xA_MzHRUhb1-Ij3DNXIxGyeQI3VgpPOq0WQRDmiqhuYPJQcwmcIANqDCM6QVZbNIp7D3BPe0lpmQKojGHoLcT-KwWljvMJWAWkHEkdEe4AQlxh0WOrTRYZNSGcFiq_tUvCpj0L6kYEKbZI3UiF4BQ4ZwQCXUScVZ65XPmyK-mxNgp-kzcXfC0hAO9pNmg4bHeYDC_ZHbXnpvXJBGZkTyuFe3VQQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535771de61a403642838556eff696&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1d93147b7f660d1ccae4da39142c88071e45bfddaffa8a7aafffb87c772ff843

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=2I4h7wxkYwREcZoYEb3hx8eS3jCIN6EDKCh---UWG2LKdvaWbznKIrgsIIQljfI1R23mwU_0jFI_7-_l6o9Z-GdfXISVcW91zSoxPVO58GvL7-ZCUWvyhuLsTJi2_SmVd5JU3QvwYJFbqQwA2zD7ZjnwlB-X0rPta8GbXapbmnkZXnPSedoNVDVlv8HvzN0Erk-PTbeYFdJcs_JjJiKqNI-n11raYfNClMBChsGujboyHSjey3MyW_LmdhYa9ra-vqp6DZBysYZcP02oUjgHNA9dCr00pKF9xXznBlKccn_kp8-AvDvw-new2lfU9QEWmZY1gOJ93aBJDJ9VBZesuvwvW4fCDTriIngPfvl3_XWg_l_sIhKk_0mXqmXfBXeHiS7WwpCKUV9WK6YwiX5KiuCh_7QpNaRoqwQVhUMgn8bl5LzFNosnIRzeOnThXsbr4hHZxD_NDjd2AWDXGdcITE4ZFfRReLWAiAKDdOBIXYpaP060UGbuZMKlfzd9Zy1rdU-6DBV3VAyscZgB-f1OCvTtuzpv4HhUhNeg9OTK54Vz-kOa_14pPoK-nqo887mFODiDNDfiXujFyUvWphqjMeZPXk5i6T7eb-zqg6lbnxJ2dUbYy5Bl8erTHsRfVYaOsdZuR1E185NsFPXkUzzW9zSzKPkVHL30pPxYejVa11UA6O7zJgT0ZHY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b00bf51b2695d13e18569d823bd2df9cc1290291c71e0270980e35070fd3cde

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=2I4h7wxkYwREcZoYEb3hx8eS3jCIN6EDKCh---UWG2LKdvaWbznKIrgsIIQljfI1R23mwU_0jFI_7-_l6o9Z-GdfXISVcW91zSoxPVO58GvL7-ZCUWvyhuLsTJi2_SmVd5JU3QvwYJFbqQwA2zD7ZjnwlB-X0rPta8GbXapbmnkZXnPSedoNVDVlv8HvzN0Erk-PTbeYFdJcs_JjJiKqNI-n11raYfNClMBChsGujboyHSjey3MyW_LmdhYa9ra-vqp6DZBysYZcP02oUjgHNA9dCr00pKF9xXznBlKccn_kp8-AvDvw-new2lfU9QEWmZY1gOJ93aBJDJ9VBZesuvwvW4fCDTriIngPfvl3_XWg_l_sIhKk_0mXqmXfBXeHiS7WwpCKUV9WK6YwiX5KiuCh_7QpNaRoqwQVhUMgn8bl5LzFNosnIRzeOnThXsbr4hHZxD_NDjd2AWDXGdcITE4ZFfRReLWAiAKDdOBIXYpaP060UGbuZMKlfzd9Zy1rdU-6DBV3VAyscZgB-f1OCvTtuzpv4HhUhNeg9OTK54Vz-kOa_14pPoK-nqo887mFODiDNDfiXujFyUvWphqjMeZPXk5i6T7eb-zqg6lbnxJ2dUbYy5Bl8erTHsRfVYaOsdZuR1E185NsFPXkUzzW9zSzKPkVHL30pPxYejVa11UA6O7zJgT0ZHY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535d49f5c6c79224ba88406555ff8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0f0cd502000a7a22fe7acf0668569bf56ec138e2945d38a19877e2f348419812

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=ruT_buQAd_xQx08Auh53ZHYOdFcFhQTGXH_43eaMPwU5l7AKbQ3VhCdR9HZv4EkvHlxj_yB8A_L51speIMNNN_Ml9ezx3kDlr7LXRZn_KsIOMX0hbCjK2vB2z6cN9h76WgD3eJcGIzBRKPXmmAq7nqf8S-6bb79ECKfdvGRnAvQCIJ5OUj95UEpJDQ2IiNyqOI0pupNlzSh1WCTTVHlNs9QEIefUPvylsoypu8CL9L9O_GJm-BNyh6sQsZx2MVqJ9SH0PixPyx88yZ28AnNJypwPybtidN_iDM9LijaIc_gZiitDafPfaDnbINRDqL4uH8jqKD93MgC7Vb7w3kCD5zkJjNrq6E-cPbNzaVKETy0pYC2OkQPYzTzg-qBCOQPyLnU1--Q--f9nt3hN6RjMfT1D0qhvWXcwxIuxUvcLrQmkBMOUOtV_R4NRTu87jXmYgGCaeiPhlm16RVCAQa_25whvxdMbPa8yHisv2cEIiWi7aVsHpm4O_wvNDwuS5pl_J1nFGpu0Hd3Q6DJP1kpiHnOp4jKTj0gooVK6F-q2HnYlTjPhuaHJ3dC5-Zh8dIeNLqQY1q5SxoeeG3yT0--nCUpYLsWcREtccMZ0UBI1BqOllg59CIQokq6aqVrpfXUNXApE9beT4BJJhZUK33uP1ugALRzmjspANAoJufGhvc46HYH3XDWgM90=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
db4ab008b57ab0ee9f99ee2dea7ef9e79517f661cd5d138ebdf8bfce7add80c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=ruT_buQAd_xQx08Auh53ZHYOdFcFhQTGXH_43eaMPwU5l7AKbQ3VhCdR9HZv4EkvHlxj_yB8A_L51speIMNNN_Ml9ezx3kDlr7LXRZn_KsIOMX0hbCjK2vB2z6cN9h76WgD3eJcGIzBRKPXmmAq7nqf8S-6bb79ECKfdvGRnAvQCIJ5OUj95UEpJDQ2IiNyqOI0pupNlzSh1WCTTVHlNs9QEIefUPvylsoypu8CL9L9O_GJm-BNyh6sQsZx2MVqJ9SH0PixPyx88yZ28AnNJypwPybtidN_iDM9LijaIc_gZiitDafPfaDnbINRDqL4uH8jqKD93MgC7Vb7w3kCD5zkJjNrq6E-cPbNzaVKETy0pYC2OkQPYzTzg-qBCOQPyLnU1--Q--f9nt3hN6RjMfT1D0qhvWXcwxIuxUvcLrQmkBMOUOtV_R4NRTu87jXmYgGCaeiPhlm16RVCAQa_25whvxdMbPa8yHisv2cEIiWi7aVsHpm4O_wvNDwuS5pl_J1nFGpu0Hd3Q6DJP1kpiHnOp4jKTj0gooVK6F-q2HnYlTjPhuaHJ3dC5-Zh8dIeNLqQY1q5SxoeeG3yT0--nCUpYLsWcREtccMZ0UBI1BqOllg59CIQokq6aqVrpfXUNXApE9beT4BJJhZUK33uP1ugALRzmjspANAoJufGhvc46HYH3XDWgM90=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605352738e22384014dcaa7832bfd20&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
889050a8b61c9e932e6267333a7e6f203316b02487e96d8f293bb14b042135e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Tfj7EwXQgViX7dZbvIW5K3hDrqPuXE_6gewXS2-9b7qNFOdjb_WIjmncEOjYrdksLc2hIUNPvjv2TgwQI2qDg4aL0itFmXhIKBRtSLtmSlru7pM9A5pSP5wRIYd2XIe6aINkf7lC42KS_tOsM4VJUiFaMztCnR5V2qO7czDIf4zpUhrKr9QhSrSmijVeUEz8X1ObWeFyprUCbRckGKJDaUak2Eni9LrUPu2Kg2S8sAWgo6-BHFIKgyZtLfG6yuSG4bR8axF3f5jZM6EhNqt07mKK4JT2rzT5k8On0CQVLq2FTAS8guixRFsbJ6goTeXRmyhVa-jByhPwPdtKUuUefsSXZIVkIg_dxXvSceJy3yMoBzqG-lPT_vh4UN9AGC-e8Lkt1arkhgWNSvYG4YPS8ghht1JVb2knIWmLi5Lm2k_hdczUH_IwVGFj6fjH0WfTE-ZA97GwZ1B2aNqNshognyFSIv8OoOkOWm6ApfpRpG2wfZR-dMZ7Csh7EAl3gHVnrgpjWU1gHy_fI61PmY5KEszCNAtkkz6V24cXgXhZzb6kwhbSZ5RiZoTLHrmjnefdEhsxUZyi5czZUqNJ4jmcNFYaIHfcDd_fLXLjST1tUyvQQjjnP3rEy3adak-v1JWkbpho288hWpe1dcjvJv5iaKRHnzEA_gtqAQhDuefvluMrYhwPJdu_M-A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
23c54196df34a4b0e1d12e9103be8ec60b40b9bcd534d314afae988bf4dba0e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Tfj7EwXQgViX7dZbvIW5K3hDrqPuXE_6gewXS2-9b7qNFOdjb_WIjmncEOjYrdksLc2hIUNPvjv2TgwQI2qDg4aL0itFmXhIKBRtSLtmSlru7pM9A5pSP5wRIYd2XIe6aINkf7lC42KS_tOsM4VJUiFaMztCnR5V2qO7czDIf4zpUhrKr9QhSrSmijVeUEz8X1ObWeFyprUCbRckGKJDaUak2Eni9LrUPu2Kg2S8sAWgo6-BHFIKgyZtLfG6yuSG4bR8axF3f5jZM6EhNqt07mKK4JT2rzT5k8On0CQVLq2FTAS8guixRFsbJ6goTeXRmyhVa-jByhPwPdtKUuUefsSXZIVkIg_dxXvSceJy3yMoBzqG-lPT_vh4UN9AGC-e8Lkt1arkhgWNSvYG4YPS8ghht1JVb2knIWmLi5Lm2k_hdczUH_IwVGFj6fjH0WfTE-ZA97GwZ1B2aNqNshognyFSIv8OoOkOWm6ApfpRpG2wfZR-dMZ7Csh7EAl3gHVnrgpjWU1gHy_fI61PmY5KEszCNAtkkz6V24cXgXhZzb6kwhbSZ5RiZoTLHrmjnefdEhsxUZyi5czZUqNJ4jmcNFYaIHfcDd_fLXLjST1tUyvQQjjnP3rEy3adak-v1JWkbpho288hWpe1dcjvJv5iaKRHnzEA_gtqAQhDuefvluMrYhwPJdu_M-A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535422930993b5e49d7b9140ebd28&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8bd5711c58c37bf7592421226c9e2ca8f3cddea7dd11f0d96c4991fda936595b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:45 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Jx7qY2nfXNkdq6TOlK6rxnQuNx19HZjZCEyPRqKv55P9QYpIhzpH17gNn03Y1BW6hPHW92gKFFfUTaQ_0xjkPEodcr96hyTkr_B7SzQZVVPUqUiDGqeBfq30pw2G7Hw5hoEMN92-oyFyTXs8lPsqPT6SUgzxoxYsdZJYQpyexp_uB6x60qJaVE3lFgTsNaJInFiMdesjtes1d4W8tjksPMh4ksqygZjz5A-Dsue8BJeuYilvXS8PHEWm5xG1scG2oAyOlTY3U2-XIzNbKuYiu_EcsWnWvMaZGqOrhB6JuWY4FCwksrBXp_LiuIxYQP6DIVZxjqpJtcER54PDskLp_YfTEEaFpFgzSKtvDpgVovT4qRBFCZcqYpQFh8C6R_wsmulmJJEYFmuYGe2rkwyhVZb28Ko3ZDhqxbLnVeLRx2hGJi9Uc5NGrezS9KvmgH1ZCo6slNahYcSrRrv-9HktKzo8P_sNzobfh9ZLT6ua-ntBM4af6Ruep8hIcWFSAzhtqF-TgrwNA6A-3wGEaTdXl7oL4D9TADjRpe0M-XRPVaDBNbXVZMBr9c4gR98Q2c1NUgcbcW55Y7U0IJMV4AzP7aCpl3KyESgpE3ER27I19iSo_cMnOdWDaX945U59fJX14ekWyebz5OY9uu-Jm68B9ssBKh0EsiznqHk8AiGTBzp0RU_E3oS4QTs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
dcfabeb081390b04771b7c2f53a330f0b032e02f0eda1647971e553846690d97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Jx7qY2nfXNkdq6TOlK6rxnQuNx19HZjZCEyPRqKv55P9QYpIhzpH17gNn03Y1BW6hPHW92gKFFfUTaQ_0xjkPEodcr96hyTkr_B7SzQZVVPUqUiDGqeBfq30pw2G7Hw5hoEMN92-oyFyTXs8lPsqPT6SUgzxoxYsdZJYQpyexp_uB6x60qJaVE3lFgTsNaJInFiMdesjtes1d4W8tjksPMh4ksqygZjz5A-Dsue8BJeuYilvXS8PHEWm5xG1scG2oAyOlTY3U2-XIzNbKuYiu_EcsWnWvMaZGqOrhB6JuWY4FCwksrBXp_LiuIxYQP6DIVZxjqpJtcER54PDskLp_YfTEEaFpFgzSKtvDpgVovT4qRBFCZcqYpQFh8C6R_wsmulmJJEYFmuYGe2rkwyhVZb28Ko3ZDhqxbLnVeLRx2hGJi9Uc5NGrezS9KvmgH1ZCo6slNahYcSrRrv-9HktKzo8P_sNzobfh9ZLT6ua-ntBM4af6Ruep8hIcWFSAzhtqF-TgrwNA6A-3wGEaTdXl7oL4D9TADjRpe0M-XRPVaDBNbXVZMBr9c4gR98Q2c1NUgcbcW55Y7U0IJMV4AzP7aCpl3KyESgpE3ER27I19iSo_cMnOdWDaX945U59fJX14ekWyebz5OY9uu-Jm68B9ssBKh0EsiznqHk8AiGTBzp0RU_E3oS4QTs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535500d1baeba1e4c83a63489b5f2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
493bcddb7d697d183378d3e373aab5b5bcd3d3edcf264ff12d2c5eca19eacf34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QMTtJuawx8QuiZH_qxlrtb4gWqihRlRWxcYFOZBBX-WIidixRo_O--2wPBohTpSgesJw84cziZr5KZhP2KBHRxpIVNPrKqU6XOjjcF-JauEmPy-0qD0uM5yygB5y5xAx53w2114DGKz69JsK874M9zPL-IAiP1nVz95HJnESRO66fOzJgHRT25a8UJHR37rhC69lfjvcwb7jDtj7SyAItoEsJpPqAonw_dBDXqCEiA3odTDSIvvA_Z6MqwR8I37PRfASWWzoK8pYI9_BZDvMUrhpHEGmd0LBxFrLBIdHzC4i9eTuOPkkR3539VCNZRQhwWDDuYCn6LJv2kwETVfye3gc9_qedlGc7VQDGAJEznxQFkMwaSbLiYC9ylaMTBQjXh9Cv3fOW2L7oDGHiSQ8cFZf4aZA7W31L5g9KZ-bqRYcuQ2pLDv-ydLIaH8_lDud88lK4sMsFTHXD8ZDKczljdoZXEasqtrW48yER21LEDbCCTbfDljDw449WZiYG31ua2atNlaINuCkRBCLuS3rOIjzgAhwxissl5SYbdooa39zuDpq-8maVf5GJlwdNvPQHNCj7M2e_UoGt-ZAl9t7_S-vjYUyyqKhHm9iGPkdKo4-e0JDSDT9NgQPpr9x8nBXTcKVeZxLlCf6iqbo8_ANSoKCPgyO4ZL5_myxICmRQ4v5z7Iw4jw3_nk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fd8b1cecdff7f1d22d5eec2859f0b7cb5db6938b8a6e33c9f56b63344cdf9bd0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QMTtJuawx8QuiZH_qxlrtb4gWqihRlRWxcYFOZBBX-WIidixRo_O--2wPBohTpSgesJw84cziZr5KZhP2KBHRxpIVNPrKqU6XOjjcF-JauEmPy-0qD0uM5yygB5y5xAx53w2114DGKz69JsK874M9zPL-IAiP1nVz95HJnESRO66fOzJgHRT25a8UJHR37rhC69lfjvcwb7jDtj7SyAItoEsJpPqAonw_dBDXqCEiA3odTDSIvvA_Z6MqwR8I37PRfASWWzoK8pYI9_BZDvMUrhpHEGmd0LBxFrLBIdHzC4i9eTuOPkkR3539VCNZRQhwWDDuYCn6LJv2kwETVfye3gc9_qedlGc7VQDGAJEznxQFkMwaSbLiYC9ylaMTBQjXh9Cv3fOW2L7oDGHiSQ8cFZf4aZA7W31L5g9KZ-bqRYcuQ2pLDv-ydLIaH8_lDud88lK4sMsFTHXD8ZDKczljdoZXEasqtrW48yER21LEDbCCTbfDljDw449WZiYG31ua2atNlaINuCkRBCLuS3rOIjzgAhwxissl5SYbdooa39zuDpq-8maVf5GJlwdNvPQHNCj7M2e_UoGt-ZAl9t7_S-vjYUyyqKhHm9iGPkdKo4-e0JDSDT9NgQPpr9x8nBXTcKVeZxLlCf6iqbo8_ANSoKCPgyO4ZL5_myxICmRQ4v5z7Iw4jw3_nk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053544960441734c4547b653b14e93&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f056cff08c8dfdb2ca14e79bf5d7b7b45f9287064104c11ad51bbbb073129bb3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=pVTJEPk2bOfMLZ3OmT5sUVOjJqK_56cTzkxkqjv3bSTUnBuKo52du3SOCFEPB7H0UwMiCovBw00kGrE-tMlRwnOuL8EFoE_f5DStoR4W9qzM2aYwIe2BXDQ9jzHp180FVYOyps6n0CcUbq5jPZqPWLPng4rB8hxQdfqwHJ61DTFc06xIn3Lt7glCiAzXDsNmteP5LtKQ0LhqMJbfq0SkdIeRR9X4A5mioTlVvcDohUUUV1gNKMUvho3bVGc83LH40xZ9l1gmkzqf-h7EFL4dum7Vy3cy4lrDyxBgRu07wPrN5TWBpqjD_wn3G-6xB-ClSk6IwHuLsA-s8hqGJAMcr8tj3pFT9B1SyMC35U1N1mND7r-qrsxZINV0LwN2svNWwiSAUYUqM5BfFC5iU-7lD7vTPq1gyIn-fB2zccQJIV3qc5zp-zvrDEkjDzyo-4w5PYpmELoLiIzUEY-YL01Okri62f2YSa3tjUTUYbDoPnqFdqPOGRez2nXzlj64L-sqf05IqZFiWj8ocRlOlsz6UiQeluf4NZ3UnJGsoE_eeqoF2QjCUNIoUBxGtJC0Pi_YVmwlEzVg1FtBzSFf_YdHkfmgXnIcK5gTx64B9vq85CWz7MFVFzIpJ73SlU6rQhjr1OxEFdZvyKteUK8F84h6Kc-s_MWOyJPDXS5aSHzHHlU-ePsGd7Ona_s=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
046694c07b678960870f7d025833e5edaf50e569ec944170a830509453797919

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=pVTJEPk2bOfMLZ3OmT5sUVOjJqK_56cTzkxkqjv3bSTUnBuKo52du3SOCFEPB7H0UwMiCovBw00kGrE-tMlRwnOuL8EFoE_f5DStoR4W9qzM2aYwIe2BXDQ9jzHp180FVYOyps6n0CcUbq5jPZqPWLPng4rB8hxQdfqwHJ61DTFc06xIn3Lt7glCiAzXDsNmteP5LtKQ0LhqMJbfq0SkdIeRR9X4A5mioTlVvcDohUUUV1gNKMUvho3bVGc83LH40xZ9l1gmkzqf-h7EFL4dum7Vy3cy4lrDyxBgRu07wPrN5TWBpqjD_wn3G-6xB-ClSk6IwHuLsA-s8hqGJAMcr8tj3pFT9B1SyMC35U1N1mND7r-qrsxZINV0LwN2svNWwiSAUYUqM5BfFC5iU-7lD7vTPq1gyIn-fB2zccQJIV3qc5zp-zvrDEkjDzyo-4w5PYpmELoLiIzUEY-YL01Okri62f2YSa3tjUTUYbDoPnqFdqPOGRez2nXzlj64L-sqf05IqZFiWj8ocRlOlsz6UiQeluf4NZ3UnJGsoE_eeqoF2QjCUNIoUBxGtJC0Pi_YVmwlEzVg1FtBzSFf_YdHkfmgXnIcK5gTx64B9vq85CWz7MFVFzIpJ73SlU6rQhjr1OxEFdZvyKteUK8F84h6Kc-s_MWOyJPDXS5aSHzHHlU-ePsGd7Ona_s=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355dd25ab5cfc84e8aa46b843cf8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e05223097bfdc428372345d34a9c1981690739519a7c18bf38c843480fb177ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=KDso1Nce5HNti0T53QCYpiFKfrqI8GZ78RSkDormJ3oknOd_cPLzVrd44X8gfgYKUA88zkbiPBJS9z49vqeVTkbzwzvJQD92_AL44xRaeAaVQnITJH5y4GKUGUPFsP0ioYAetCCQrjuy-JlehZZCodjHvhFAFqqP7SX70HAX0xdF_Oap_pG6YvxCYHxWzYblTfJdSXO6CAO7u8c7N3h62vVSjevpIMaJ0So48slS4-1nJMeXldxFx_Z_2Miqn7FvRzge3lPsjv9_idfPu60_k1XZY5RjKx62URCqkqUwIMaq5Ay-Z035jcoZKWh2Iru7CnneEbRtecCqhJp90w3FnvLcBXNpnhlTcIPH-_9cOt7DhVwrH3IpHeTndzFdUI7VJ4_SgVmGSHUsPQJkoovNB7Kl9GOwSfdiERUtLJbV7YV8ZJZRub0RzwNRomIe8dkkherCctJyQuFksYC96J_aHbFQy680muFuu-tm8GuGOq7c82xFQlTR7tiUi82JHXQJklYRcLcc7J0iJje0pRGlx5nJcUmjK4jVOTGNDSIcIkbh2lbMsJuB4ybImE6SGXHGQpQUFDPc0peFzkSwRckjikJyJZ8sPRAQgxEogd53klG81tHWV22Y5B-FQ88g6uD6PHlkjvE-tGfnVA32Mkoic58sYI_5PAlB8n-cfEClGNMyblACsirBGL0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fe17716c51dc6e59f58761309affa06b5c50c9bb518289e2be658f5673d74066

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=KDso1Nce5HNti0T53QCYpiFKfrqI8GZ78RSkDormJ3oknOd_cPLzVrd44X8gfgYKUA88zkbiPBJS9z49vqeVTkbzwzvJQD92_AL44xRaeAaVQnITJH5y4GKUGUPFsP0ioYAetCCQrjuy-JlehZZCodjHvhFAFqqP7SX70HAX0xdF_Oap_pG6YvxCYHxWzYblTfJdSXO6CAO7u8c7N3h62vVSjevpIMaJ0So48slS4-1nJMeXldxFx_Z_2Miqn7FvRzge3lPsjv9_idfPu60_k1XZY5RjKx62URCqkqUwIMaq5Ay-Z035jcoZKWh2Iru7CnneEbRtecCqhJp90w3FnvLcBXNpnhlTcIPH-_9cOt7DhVwrH3IpHeTndzFdUI7VJ4_SgVmGSHUsPQJkoovNB7Kl9GOwSfdiERUtLJbV7YV8ZJZRub0RzwNRomIe8dkkherCctJyQuFksYC96J_aHbFQy680muFuu-tm8GuGOq7c82xFQlTR7tiUi82JHXQJklYRcLcc7J0iJje0pRGlx5nJcUmjK4jVOTGNDSIcIkbh2lbMsJuB4ybImE6SGXHGQpQUFDPc0peFzkSwRckjikJyJZ8sPRAQgxEogd53klG81tHWV22Y5B-FQ88g6uD6PHlkjvE-tGfnVA32Mkoic58sYI_5PAlB8n-cfEClGNMyblACsirBGL0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535927adb476af3448a8289bafc85&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f35c6bd67a5673e6066439859e6e2bf29f5c70f4881a6a714026cfd2defc7b54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QUecyKf3fFpn3n_23df-ihP8TUBNVdx53jUuC-BJUkMWQRzFn43OoyrdJvUMNKjMQKllo7-VAlkeNnc0j_CuUasMeNYR0aaVscukBQqnT7jyduUfL_qH4sDBan-_zlxK4yDPG8SCO5sim7yU-bV9oREu1dyjW8DffBY2eVNtIy6FsOONyhBKnwtQd0e0EeIYxbejjClM5TAGf47z47tRTftmLHZn75lu01uZwfLqOuu4ErSyqd5U6o6L2ABlINpFxqv4EV_Qe_CR9BIhlLPIepqeLr6EeLhWBlvtkF-AkaTfRc2q-tXC3sMYC5ngttUE2nuo421dNdmFlkaH5QxAzIVu_3SNxIXJZ5-rh1ngol9hp3OgLigyeVy2Wu7Sapvh-_4k3v1hd1dl5DAO2Kz5C7d-pcbscL-22SAXbrwaSgulaKh0wO33O44P_eVE7E8tZX357MVrIBZu_H61gHL_4TmeSbdZqLbDSQLcXkI30KHlBuPw72l2k8lhPTY8jm0E7gzH4wK2SbyFb3CmRhhF__ew0M1FSwUTV2nNRyruQsigqPR1ty83uHxRDeIdQWpNbrVFeEcqIEV77qfSvVDNysbr4ARaQ1KIrDe8bBWzII71FBa-MZhuOGyL6SQA0PQmhM2xfQC63giUGynXCxJ-cN1P6_vllCS2UQxhbvBIL9pNFbC9PHJ_utY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c368ddc33b8b9103ea0297559ce9c314f6b6b1b772c06b705c9dd17bdea97c6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QUecyKf3fFpn3n_23df-ihP8TUBNVdx53jUuC-BJUkMWQRzFn43OoyrdJvUMNKjMQKllo7-VAlkeNnc0j_CuUasMeNYR0aaVscukBQqnT7jyduUfL_qH4sDBan-_zlxK4yDPG8SCO5sim7yU-bV9oREu1dyjW8DffBY2eVNtIy6FsOONyhBKnwtQd0e0EeIYxbejjClM5TAGf47z47tRTftmLHZn75lu01uZwfLqOuu4ErSyqd5U6o6L2ABlINpFxqv4EV_Qe_CR9BIhlLPIepqeLr6EeLhWBlvtkF-AkaTfRc2q-tXC3sMYC5ngttUE2nuo421dNdmFlkaH5QxAzIVu_3SNxIXJZ5-rh1ngol9hp3OgLigyeVy2Wu7Sapvh-_4k3v1hd1dl5DAO2Kz5C7d-pcbscL-22SAXbrwaSgulaKh0wO33O44P_eVE7E8tZX357MVrIBZu_H61gHL_4TmeSbdZqLbDSQLcXkI30KHlBuPw72l2k8lhPTY8jm0E7gzH4wK2SbyFb3CmRhhF__ew0M1FSwUTV2nNRyruQsigqPR1ty83uHxRDeIdQWpNbrVFeEcqIEV77qfSvVDNysbr4ARaQ1KIrDe8bBWzII71FBa-MZhuOGyL6SQA0PQmhM2xfQC63giUGynXCxJ-cN1P6_vllCS2UQxhbvBIL9pNFbC9PHJ_utY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:46 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c739e4d6b46e4bfe90cb0bf375&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cbbe99449fa8c7c5fb0811c0992bafdce1fdbfa0e044f8e46268940031338554

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=GEDDGkkusLEUSZzR8MC_9VMMYvrEunl-Pd8ezsiJki2h3KchmvXzJNNpRrJgKVk0fJWaKHJcOuMiYkpUgREdYgoz1uPVsNyuJTyYAYJkmeFSPUnnjrfWDS7It_5yyeunCYFS43G8WEm37gfz6EmIn0c9Lk8Htm2evXu73g6hCmCFJuOTlNB1U9WFpEUbOWwDBkEa4P9_5gjdwXVYaUbN5sRX31UZ5qn3-8LWjCFGl0E8iWqxZDPF2EyZdLVXStFLK_B2SfNb_Xj0dr2CCvsCgczPI60J_RZuUcHBAzQxlU-EEhEw-bSSmrWUruwV-mint_DX3YYZBLNhE_hCs4vm8rkW-7mXtCTjySGCd9YYYRDu1DooAw8kiMdT9R22kChBS5fHMGG_fQwGElqSk8vh-UeDkgBEZC9jVaR6m7oF-vnBSD0v2im-zPLUk22knRxYlh-_4oeCiuHD9S-zKQX22UvN1SUDXpJEe6WCl0AZCQ8mH498ybe7wsYyHhgB3wIDV_CrErYTXphKcvVGs2WohiFV_vIhypB8MnR0xgie9M55hgaHI5dvny978L8a6ISgpO0HW2AzSLEH7ot922YTM9NSHCBkDQotc7iHt3yvaIQqXzLf9RTs5SI_KvpJfdRYCHSUx-IlBc9-yUz9P1dfhfCQgoAk024veLxZEPm37T9GU-3Rd46v2go=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
68833882814c65ae44f332867121fec24f4ccce4538cea6e5fa4151ccd8faf7c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=GEDDGkkusLEUSZzR8MC_9VMMYvrEunl-Pd8ezsiJki2h3KchmvXzJNNpRrJgKVk0fJWaKHJcOuMiYkpUgREdYgoz1uPVsNyuJTyYAYJkmeFSPUnnjrfWDS7It_5yyeunCYFS43G8WEm37gfz6EmIn0c9Lk8Htm2evXu73g6hCmCFJuOTlNB1U9WFpEUbOWwDBkEa4P9_5gjdwXVYaUbN5sRX31UZ5qn3-8LWjCFGl0E8iWqxZDPF2EyZdLVXStFLK_B2SfNb_Xj0dr2CCvsCgczPI60J_RZuUcHBAzQxlU-EEhEw-bSSmrWUruwV-mint_DX3YYZBLNhE_hCs4vm8rkW-7mXtCTjySGCd9YYYRDu1DooAw8kiMdT9R22kChBS5fHMGG_fQwGElqSk8vh-UeDkgBEZC9jVaR6m7oF-vnBSD0v2im-zPLUk22knRxYlh-_4oeCiuHD9S-zKQX22UvN1SUDXpJEe6WCl0AZCQ8mH498ybe7wsYyHhgB3wIDV_CrErYTXphKcvVGs2WohiFV_vIhypB8MnR0xgie9M55hgaHI5dvny978L8a6ISgpO0HW2AzSLEH7ot922YTM9NSHCBkDQotc7iHt3yvaIQqXzLf9RTs5SI_KvpJfdRYCHSUx-IlBc9-yUz9P1dfhfCQgoAk024veLxZEPm37T9GU-3Rd46v2go=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535c92ef789b0f3479d99860fc2aa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b102dbdbf4dc4352dc343666817caca938b7b5a764c907e6db46d1e0e51a34c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=k6w6k5Mp9v467ICUHPoci-OT0rXVr08LeHZWIWHJT0kZTi1gs_mJRKPLIOtjerB7_FwwEyN9ywGT59xuO8vElIJBh6VEpOhWmUhRtpe6cPr8QpICa7mbqOygOnWECxiIRk3NnMP7Zyj1ZO_SrNJZZ5_Giz8ywvfYNVyKBsMkR1k8dyiS0isOR5Sz_Dj-hcKdFSmbtLoxpriShmbFMiWe5e4iXwhL0f8AeVPEeugcEqzp5kSYVyGdYVELJNEkccpTIaPaGhtHxzyUN9AzIwUIXekAno8DYtpkAzMWEs_Noqlwn4KEWEPNEsympcGGF6WFHWtVLUxeTOgQl0LdIGFvu05tJNOHjuFwXHmmHVvoJgwkn31FzTLAKViCqAJz4OI_pJk8DNBMXWHft2QoWI6IWt3f98xQCWEBBPayDJaEiv8hNRqqoc5ij7in4ZgJ7wwUjy3NoLdOcLCuIcygT_fXljFL4CEiCEwpNk5JjMk5Xj1obcYsnNypbnkf7xcQLXj3GkWYb_UudpCzweNT8-TLTPvKPxLZ-k10F4Z9wlVNYULRxyQDTiCvo8hkoiuFktXjjd0UXsTT4lL9Aojf6k5ZTSLe0pskVxVKVGpCXxXEYJn_GuiMRWcOWMhNZcCvIo1etoS1NXUGn3f2_PE9tqdGO0_UjEtVFbfOGtol2YCmAkzauqG2RB8T9rw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d10d0470e0119e6bfc3d6f28c24494453f4f540fecf9beedf972983cd3415c60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=k6w6k5Mp9v467ICUHPoci-OT0rXVr08LeHZWIWHJT0kZTi1gs_mJRKPLIOtjerB7_FwwEyN9ywGT59xuO8vElIJBh6VEpOhWmUhRtpe6cPr8QpICa7mbqOygOnWECxiIRk3NnMP7Zyj1ZO_SrNJZZ5_Giz8ywvfYNVyKBsMkR1k8dyiS0isOR5Sz_Dj-hcKdFSmbtLoxpriShmbFMiWe5e4iXwhL0f8AeVPEeugcEqzp5kSYVyGdYVELJNEkccpTIaPaGhtHxzyUN9AzIwUIXekAno8DYtpkAzMWEs_Noqlwn4KEWEPNEsympcGGF6WFHWtVLUxeTOgQl0LdIGFvu05tJNOHjuFwXHmmHVvoJgwkn31FzTLAKViCqAJz4OI_pJk8DNBMXWHft2QoWI6IWt3f98xQCWEBBPayDJaEiv8hNRqqoc5ij7in4ZgJ7wwUjy3NoLdOcLCuIcygT_fXljFL4CEiCEwpNk5JjMk5Xj1obcYsnNypbnkf7xcQLXj3GkWYb_UudpCzweNT8-TLTPvKPxLZ-k10F4Z9wlVNYULRxyQDTiCvo8hkoiuFktXjjd0UXsTT4lL9Aojf6k5ZTSLe0pskVxVKVGpCXxXEYJn_GuiMRWcOWMhNZcCvIo1etoS1NXUGn3f2_PE9tqdGO0_UjEtVFbfOGtol2YCmAkzauqG2RB8T9rw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053504ab1cd75e6c4dc4a4b7c14bc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fce2e884d19f331dcdc974494294c96cef2759f68b2723b179ce8fe3a47fe9c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=2vtIqzUrrm8c2IFsOkLOhjLdVHyGjkZr0NK5ZvnA0RNdJdxtsTvLw9EKnv9JDQUOxhfK17Lu3_WCRwaMd_a_hYJNj69E8iWZP_ahYaGcGOIodFNVCmI55FWK9ii9rMsuVvvyLutvfQuvNTVq7jGId5PGTm8K65HpDVu_a9m3_ojhrqVf8XdnJ9TqhEiv6giSt6KQc0b8qcubh5yLo1ZQy8mPgKZk8faZHPMbYYhNPRJQBxUe6h2oRAlehNJ6ckzuNlbs2Q0DBGBv8GGt9FH16dWWi3tSCy2vQyKs2LLRVYbYys1mb5jUJUGxwDJ1kVsOakKKUkuFsOLFhdja7CbOoPp5wSSBdE67K0Id3HbCQEndYFc0x-JBon0DRAtdHGhFV2g9ht7oOHmhynNcASGE7J-qraJjaxIjwMFNo1A3tOFn-2UfleBn2Zv_IC6w_5ALCURTA_bFxeLKl5LwAwLNTN2tnLb8o64tmnNZSMsReLZEGQg6AQr49qFgp8y-Cin6B3lxt2txhyEf6i6qFQMiYLpCvtradrkBePmm7ikG-cjFaFmNid8Mdz9Nn7sbKgMR08w850_yGEXOMvMN27H6bb01YCACCHY-LuxXB16z8lh7BlkCx1Abf64xOXMgZPj1xC7Az3okrx83t0RXBT3pSBFIJdhjzIQ2UabAUseKuFG396TfQ6Rw3yw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
778fb0788ad38975eae90c2b7290198b857ac9cfacc211d3fcf46387b9b25bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=2vtIqzUrrm8c2IFsOkLOhjLdVHyGjkZr0NK5ZvnA0RNdJdxtsTvLw9EKnv9JDQUOxhfK17Lu3_WCRwaMd_a_hYJNj69E8iWZP_ahYaGcGOIodFNVCmI55FWK9ii9rMsuVvvyLutvfQuvNTVq7jGId5PGTm8K65HpDVu_a9m3_ojhrqVf8XdnJ9TqhEiv6giSt6KQc0b8qcubh5yLo1ZQy8mPgKZk8faZHPMbYYhNPRJQBxUe6h2oRAlehNJ6ckzuNlbs2Q0DBGBv8GGt9FH16dWWi3tSCy2vQyKs2LLRVYbYys1mb5jUJUGxwDJ1kVsOakKKUkuFsOLFhdja7CbOoPp5wSSBdE67K0Id3HbCQEndYFc0x-JBon0DRAtdHGhFV2g9ht7oOHmhynNcASGE7J-qraJjaxIjwMFNo1A3tOFn-2UfleBn2Zv_IC6w_5ALCURTA_bFxeLKl5LwAwLNTN2tnLb8o64tmnNZSMsReLZEGQg6AQr49qFgp8y-Cin6B3lxt2txhyEf6i6qFQMiYLpCvtradrkBePmm7ikG-cjFaFmNid8Mdz9Nn7sbKgMR08w850_yGEXOMvMN27H6bb01YCACCHY-LuxXB16z8lh7BlkCx1Abf64xOXMgZPj1xC7Az3okrx83t0RXBT3pSBFIJdhjzIQ2UabAUseKuFG396TfQ6Rw3yw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605355fdecfc9401546cb8810a6721f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b0809906e6580be7a4341ef55d2df3dd86b167ff8e64d82dc85241234da640c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=5l9gWDD26_1ZJFEpOrgHC-G2-C2JMHaziFhc03LHM_TlZ19yJ3yYsLexLqc6f0ayRVDa18gImraNRx7PKEkAXHnlJsx2VKDbij6cpJMN88jJkrbu5BN5UWbpnFrLMRXi8k0vpsG1YnfBygXZCZIV1N9WVJGzdrLm6Q8PV2LFY5tR87WOyy0V4nhofWwi13lktluXG0mzzWme2GlDtOIzbCOGGuSwtA5DRRkFtQaDGnB1TudD1IlMgVHGcetQlPCEjDbvaGoMlyHhw7nlW1pZyj5Txi7_L4-i1-0bXjJEbTQQ8EXDPC5MjQyfFfvZp8f8TtO9ZaZJUpoet0xXfPBLNnEVoPouHryZK_IGdlMSL8p8as_uiNpOi0VDiLxw_jAU3OPxUpujFGO9RUWW9jCoUqsB2eCMufq27XIFD7dvtGluVBTq34agaw14PjceTyzojBf_FQ0KPkClWCEEgZy2MXv-_EhUbtHoZxqEy6RPCe30yqBx-5wBC3SNF3np5kHjsUopdJdIxKg3YHfLtV86ws2WEwxYgDSobPSaEYaWssGVtB0nbWxn5Z7xxJAaI3KZT4tsS4BPGKCE_F8wU_A_yzFGpsSli8QeimJzlV8W6efXpDhNZQEtqqiY2vuCICW-uqabdZ_miUFuSA7zRJkx9NZ6-9fhfcPRNayQ8ipyWnj7WR1uwK2jqR8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e7b2e1314abc498e3d640dbdc9d6e628ceb1856ca7f7d09c2842a7ebf9481e93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=5l9gWDD26_1ZJFEpOrgHC-G2-C2JMHaziFhc03LHM_TlZ19yJ3yYsLexLqc6f0ayRVDa18gImraNRx7PKEkAXHnlJsx2VKDbij6cpJMN88jJkrbu5BN5UWbpnFrLMRXi8k0vpsG1YnfBygXZCZIV1N9WVJGzdrLm6Q8PV2LFY5tR87WOyy0V4nhofWwi13lktluXG0mzzWme2GlDtOIzbCOGGuSwtA5DRRkFtQaDGnB1TudD1IlMgVHGcetQlPCEjDbvaGoMlyHhw7nlW1pZyj5Txi7_L4-i1-0bXjJEbTQQ8EXDPC5MjQyfFfvZp8f8TtO9ZaZJUpoet0xXfPBLNnEVoPouHryZK_IGdlMSL8p8as_uiNpOi0VDiLxw_jAU3OPxUpujFGO9RUWW9jCoUqsB2eCMufq27XIFD7dvtGluVBTq34agaw14PjceTyzojBf_FQ0KPkClWCEEgZy2MXv-_EhUbtHoZxqEy6RPCe30yqBx-5wBC3SNF3np5kHjsUopdJdIxKg3YHfLtV86ws2WEwxYgDSobPSaEYaWssGVtB0nbWxn5Z7xxJAaI3KZT4tsS4BPGKCE_F8wU_A_yzFGpsSli8QeimJzlV8W6efXpDhNZQEtqqiY2vuCICW-uqabdZ_miUFuSA7zRJkx9NZ6-9fhfcPRNayQ8ipyWnj7WR1uwK2jqR8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=5l9gWDD26_1ZJFEpOrgHC-G2-C2JMHaziFhc03LHM_TlZ19yJ3yYsLexLqc6f0ayRVDa18gImraNRx7PKEkAXHnlJsx2VKDbij6cpJMN88jJkrbu5BN5UWbpnFrLMRXi8k0vpsG1YnfBygXZCZIV1N9WVJGzdrLm6Q8PV2LFY5tR87WOyy0V4nhofWwi13lktluXG0mzzWme2GlDtOIzbCOGGuSwtA5DRRkFtQaDGnB1TudD1IlMgVHGcetQlPCEjDbvaGoMlyHhw7nlW1pZyj5Txi7_L4-i1-0bXjJEbTQQ8EXDPC5MjQyfFfvZp8f8TtO9ZaZJUpoet0xXfPBLNnEVoPouHryZK_IGdlMSL8p8as_uiNpOi0VDiLxw_jAU3OPxUpujFGO9RUWW9jCoUqsB2eCMufq27XIFD7dvtGluVBTq34agaw14PjceTyzojBf_FQ0KPkClWCEEgZy2MXv-_EhUbtHoZxqEy6RPCe30yqBx-5wBC3SNF3np5kHjsUopdJdIxKg3YHfLtV86ws2WEwxYgDSobPSaEYaWssGVtB0nbWxn5Z7xxJAaI3KZT4tsS4BPGKCE_F8wU_A_yzFGpsSli8QeimJzlV8W6efXpDhNZQEtqqiY2vuCICW-uqabdZ_miUFuSA7zRJkx9NZ6-9fhfcPRNayQ8ipyWnj7WR1uwK2jqR8=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=5l9gWDD26_1ZJFEpOrgHC-G2-C2JMHaziFhc03LHM_TlZ19yJ3yYsLexLqc6f0ayRVDa18gImraNRx7PKEkAXHnlJsx2VKDbij6cpJMN88jJkrbu5BN5UWbpnFrLMRXi8k0vpsG1YnfBygXZCZIV1N9WVJGzdrLm6Q8PV2LFY5tR87WOyy0V4nhofWwi13lktluXG0mzzWme2GlDtOIzbCOGGuSwtA5DRRkFtQaDGnB1TudD1IlMgVHGcetQlPCEjDbvaGoMlyHhw7nlW1pZyj5Txi7_L4-i1-0bXjJEbTQQ8EXDPC5MjQyfFfvZp8f8TtO9ZaZJUpoet0xXfPBLNnEVoPouHryZK_IGdlMSL8p8as_uiNpOi0VDiLxw_jAU3OPxUpujFGO9RUWW9jCoUqsB2eCMufq27XIFD7dvtGluVBTq34agaw14PjceTyzojBf_FQ0KPkClWCEEgZy2MXv-_EhUbtHoZxqEy6RPCe30yqBx-5wBC3SNF3np5kHjsUopdJdIxKg3YHfLtV86ws2WEwxYgDSobPSaEYaWssGVtB0nbWxn5Z7xxJAaI3KZT4tsS4BPGKCE_F8wU_A_yzFGpsSli8QeimJzlV8W6efXpDhNZQEtqqiY2vuCICW-uqabdZ_miUFuSA7zRJkx9NZ6-9fhfcPRNayQ8ipyWnj7WR1uwK2jqR8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053583a4fd67a1684b9e8de71e27eb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
65074c92e325e8efcbbbb3fd0f2129e12b4e1f60745d0baf4f38f131f6a453cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:47 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=eCnreg4rS5VwfMx7T4NTK9deE2fl9RPs9Ox-fW9MOj0lGMtRcaT2cXSkNpCHHK82J4aOYgMNvYrezsixZc4jHdPlVdI2Kzwqx4Yxvf85lBKAZXmKiWRpDBLOkgD_cRu378C4xIh_qkW9eurrznZR5I1jsnWJOBqKlYDoR7ZWT8asClLrxmM13wAmgrKF7VH0y6DlOtm60JSdVa6-W9t9ZtYUW_eD4-9VF7i9xu_sINX7FVEVcd91-cA5tZXL2QX_62ZX-_OVSQVUEzO7tF2QDORitKummCEWC2WDuIxy3gmWpS0baUctqCibwX6JkSCrKeqRm349gto24_uAj1KfZ8xqbQxpiptTztTac4phinM7qUR7XgIoIu0HJ-gBZQQOVJWTSEQr4AiT5TOtIzKL3QNZlZYE9bwliUIinOADXvk_O3nhZbsff5dQtxsOQveexBt_up5dcQuluK0AxP85roXKAMWIs9YPDOB3W6Wt4mNkjIZWA69GqoWRlpUyJlp4Tf4b-bjfWbB1cLQz9LloeS1lD5nFQ1LROgJ08d_mtaCB4iLM5gVNevyO2oRktsFSwBLDu8quZiG7bt1uNCrZaakG1D_o3DpKz3mUGD4rcRSrSDKEsGP838ZvtEK2_-Jl68jCfPd6gS2tG81UmoU_J17Eu5hsjR3OZNOTybBQUFYZC64AhSMyG0A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f1332dcf9e4fe0c57a620e93e0d1328dd3e21b67a936b570b4b7982af4879221

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=eCnreg4rS5VwfMx7T4NTK9deE2fl9RPs9Ox-fW9MOj0lGMtRcaT2cXSkNpCHHK82J4aOYgMNvYrezsixZc4jHdPlVdI2Kzwqx4Yxvf85lBKAZXmKiWRpDBLOkgD_cRu378C4xIh_qkW9eurrznZR5I1jsnWJOBqKlYDoR7ZWT8asClLrxmM13wAmgrKF7VH0y6DlOtm60JSdVa6-W9t9ZtYUW_eD4-9VF7i9xu_sINX7FVEVcd91-cA5tZXL2QX_62ZX-_OVSQVUEzO7tF2QDORitKummCEWC2WDuIxy3gmWpS0baUctqCibwX6JkSCrKeqRm349gto24_uAj1KfZ8xqbQxpiptTztTac4phinM7qUR7XgIoIu0HJ-gBZQQOVJWTSEQr4AiT5TOtIzKL3QNZlZYE9bwliUIinOADXvk_O3nhZbsff5dQtxsOQveexBt_up5dcQuluK0AxP85roXKAMWIs9YPDOB3W6Wt4mNkjIZWA69GqoWRlpUyJlp4Tf4b-bjfWbB1cLQz9LloeS1lD5nFQ1LROgJ08d_mtaCB4iLM5gVNevyO2oRktsFSwBLDu8quZiG7bt1uNCrZaakG1D_o3DpKz3mUGD4rcRSrSDKEsGP838ZvtEK2_-Jl68jCfPd6gS2tG81UmoU_J17Eu5hsjR3OZNOTybBQUFYZC64AhSMyG0A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605358e57436b2b4a4b2c8845a15366&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
04a62dcf303607ec5991f7b849379521882d7c0bea6ddda2db29ffd90dfb726d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=N0UYzhkd_MojaZ50YwDwqWpfN6iWTGDyUkqUkVUmcUt2mQseLyG41GiphNG_0APuHOfpWgjzzhIFN2ZayOXTsesc1s8DCfagH6rpkoRWrEOgPEF_AQ6wn7Nm0SGeXfg8rwEeLsgPj-WkPU3cVXbvmLFHVzlb-eoO-pCS2E03VGvCPOqbHE3N5L70J4c4hhvZZVgFvgn2nB439Ft9RfYku4ZiK1yvWgUKYn9abi48pK-cegQfxkSuKOGVk-yS4O8PYWkp_x-wefV7-_03KlZq7XePDpWNBRGVB1Ms-q11DQJYhXlpdbxv1zQ9jACcYJjUcHSTheL57NQywlqf-V5oS23iIJntMmgxu19LKla1wXsqhgjnEHUvcAlHm2k2eyCBuO3ySQ-1b1f-YN9ke8PKJSKszv-EZ3p2vI6fO7TnhFpGjSK3pZJXqHLDp6G87gNWQbo6fQX378lAEnP5wVifAM8zHUC8wfL6uhLMnu4X9WVPIAw2n6ox8nrGBKzNdjkDexAHiBdMGBHLNwsa-KxU3U9Hrr-53Bs8JdfDE2TLQY_5mHPnm1SJpR_VBpVb8TN7T6y_hFUrhUZZGtHVhokQU5wSuZC9hj7aI2gWGbOwUjcd30bpyJOz1feiwU8ZUWUW1JzW4rff8Ih3XlTn43Tl8zamwZ5T3zdAerz3YffgH5-1YJllaJ9C7A8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b5acdf0d5d93bb49ae9ef3b5d20c30fb39b40d90f174e66e9573472e546197ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=N0UYzhkd_MojaZ50YwDwqWpfN6iWTGDyUkqUkVUmcUt2mQseLyG41GiphNG_0APuHOfpWgjzzhIFN2ZayOXTsesc1s8DCfagH6rpkoRWrEOgPEF_AQ6wn7Nm0SGeXfg8rwEeLsgPj-WkPU3cVXbvmLFHVzlb-eoO-pCS2E03VGvCPOqbHE3N5L70J4c4hhvZZVgFvgn2nB439Ft9RfYku4ZiK1yvWgUKYn9abi48pK-cegQfxkSuKOGVk-yS4O8PYWkp_x-wefV7-_03KlZq7XePDpWNBRGVB1Ms-q11DQJYhXlpdbxv1zQ9jACcYJjUcHSTheL57NQywlqf-V5oS23iIJntMmgxu19LKla1wXsqhgjnEHUvcAlHm2k2eyCBuO3ySQ-1b1f-YN9ke8PKJSKszv-EZ3p2vI6fO7TnhFpGjSK3pZJXqHLDp6G87gNWQbo6fQX378lAEnP5wVifAM8zHUC8wfL6uhLMnu4X9WVPIAw2n6ox8nrGBKzNdjkDexAHiBdMGBHLNwsa-KxU3U9Hrr-53Bs8JdfDE2TLQY_5mHPnm1SJpR_VBpVb8TN7T6y_hFUrhUZZGtHVhokQU5wSuZC9hj7aI2gWGbOwUjcd30bpyJOz1feiwU8ZUWUW1JzW4rff8Ih3XlTn43Tl8zamwZ5T3zdAerz3YffgH5-1YJllaJ9C7A8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=N0UYzhkd_MojaZ50YwDwqWpfN6iWTGDyUkqUkVUmcUt2mQseLyG41GiphNG_0APuHOfpWgjzzhIFN2ZayOXTsesc1s8DCfagH6rpkoRWrEOgPEF_AQ6wn7Nm0SGeXfg8rwEeLsgPj-WkPU3cVXbvmLFHVzlb-eoO-pCS2E03VGvCPOqbHE3N5L70J4c4hhvZZVgFvgn2nB439Ft9RfYku4ZiK1yvWgUKYn9abi48pK-cegQfxkSuKOGVk-yS4O8PYWkp_x-wefV7-_03KlZq7XePDpWNBRGVB1Ms-q11DQJYhXlpdbxv1zQ9jACcYJjUcHSTheL57NQywlqf-V5oS23iIJntMmgxu19LKla1wXsqhgjnEHUvcAlHm2k2eyCBuO3ySQ-1b1f-YN9ke8PKJSKszv-EZ3p2vI6fO7TnhFpGjSK3pZJXqHLDp6G87gNWQbo6fQX378lAEnP5wVifAM8zHUC8wfL6uhLMnu4X9WVPIAw2n6ox8nrGBKzNdjkDexAHiBdMGBHLNwsa-KxU3U9Hrr-53Bs8JdfDE2TLQY_5mHPnm1SJpR_VBpVb8TN7T6y_hFUrhUZZGtHVhokQU5wSuZC9hj7aI2gWGbOwUjcd30bpyJOz1feiwU8ZUWUW1JzW4rff8Ih3XlTn43Tl8zamwZ5T3zdAerz3YffgH5-1YJllaJ9C7A8=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=N0UYzhkd_MojaZ50YwDwqWpfN6iWTGDyUkqUkVUmcUt2mQseLyG41GiphNG_0APuHOfpWgjzzhIFN2ZayOXTsesc1s8DCfagH6rpkoRWrEOgPEF_AQ6wn7Nm0SGeXfg8rwEeLsgPj-WkPU3cVXbvmLFHVzlb-eoO-pCS2E03VGvCPOqbHE3N5L70J4c4hhvZZVgFvgn2nB439Ft9RfYku4ZiK1yvWgUKYn9abi48pK-cegQfxkSuKOGVk-yS4O8PYWkp_x-wefV7-_03KlZq7XePDpWNBRGVB1Ms-q11DQJYhXlpdbxv1zQ9jACcYJjUcHSTheL57NQywlqf-V5oS23iIJntMmgxu19LKla1wXsqhgjnEHUvcAlHm2k2eyCBuO3ySQ-1b1f-YN9ke8PKJSKszv-EZ3p2vI6fO7TnhFpGjSK3pZJXqHLDp6G87gNWQbo6fQX378lAEnP5wVifAM8zHUC8wfL6uhLMnu4X9WVPIAw2n6ox8nrGBKzNdjkDexAHiBdMGBHLNwsa-KxU3U9Hrr-53Bs8JdfDE2TLQY_5mHPnm1SJpR_VBpVb8TN7T6y_hFUrhUZZGtHVhokQU5wSuZC9hj7aI2gWGbOwUjcd30bpyJOz1feiwU8ZUWUW1JzW4rff8Ih3XlTn43Tl8zamwZ5T3zdAerz3YffgH5-1YJllaJ9C7A8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357d7fde7bee374a8c9b876dfa2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ea787f8d8e818aebfa67febd91eda995bd483b98e36420e4c4335031ffc0aa4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=ebLdySfNT2CnKqLr_Qa2DtmDrVitcozUmSJAVCsjdLwsXNyARr1ziZIp7YW8O6I6r2ujR0KC8pCjef95K0FqDzUd2plPxujoCgtfkiHgs3YMtHCyPV7ZxPDO6lJ-xQMrdGnkH14by-yQJrLgkI22ID3kDC6SouZsph82ctKMZaUifNKaTyftD81mMi5mpxKLCQ8-ZVyOss_dsjgNFcihSb_p0Mk61Zu0xCY2IFtORkEtnJKSL0HdB-Hn4_eM5u1QFpyvaQ9R0gZyAzMBMJzOGFA0rrKReBsnhMyGAlp5NEKMBNYTOSktJVROJpUwVhQZPWCU03Fu3CiX-sOvtlii7ev6UdtvnvY-WLjpGYVRGmYA1VJGhao9JUu2OvRMh3Mmx8pYi9oSJQFN1SzYPUMzWilXNuK-2ld5O5TBEcpUEcn92zXKjt_OsQq6JbQ5MF2TWYVOQAZZTo5BFhHmOfZfeuwdSysPeeE9GLxDtC8VSQSfs9gCvvTsbn6t_KRUfr7wjhjnAwQu3NnODL-fofoxlsNuBXzzmfWaJCJ3zt4EvNUIfPHUlW0QMzxVZxRW0kyDmROoF2yBLUZMXzs45z5h5ZBYIbomv2wVNHqTPiKtYxnNL7jZq0yPf2Uajzq4Mp0QSoZiBuZCJZTI7D_PJWeepDcJhLrdsFw3Vp0ImxhVIjVhHYupR-b_uHs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a9cdc8e917d1719a9c697bc08f8738669bb9cc5e92ca627ff66502722c3f5af8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=ebLdySfNT2CnKqLr_Qa2DtmDrVitcozUmSJAVCsjdLwsXNyARr1ziZIp7YW8O6I6r2ujR0KC8pCjef95K0FqDzUd2plPxujoCgtfkiHgs3YMtHCyPV7ZxPDO6lJ-xQMrdGnkH14by-yQJrLgkI22ID3kDC6SouZsph82ctKMZaUifNKaTyftD81mMi5mpxKLCQ8-ZVyOss_dsjgNFcihSb_p0Mk61Zu0xCY2IFtORkEtnJKSL0HdB-Hn4_eM5u1QFpyvaQ9R0gZyAzMBMJzOGFA0rrKReBsnhMyGAlp5NEKMBNYTOSktJVROJpUwVhQZPWCU03Fu3CiX-sOvtlii7ev6UdtvnvY-WLjpGYVRGmYA1VJGhao9JUu2OvRMh3Mmx8pYi9oSJQFN1SzYPUMzWilXNuK-2ld5O5TBEcpUEcn92zXKjt_OsQq6JbQ5MF2TWYVOQAZZTo5BFhHmOfZfeuwdSysPeeE9GLxDtC8VSQSfs9gCvvTsbn6t_KRUfr7wjhjnAwQu3NnODL-fofoxlsNuBXzzmfWaJCJ3zt4EvNUIfPHUlW0QMzxVZxRW0kyDmROoF2yBLUZMXzs45z5h5ZBYIbomv2wVNHqTPiKtYxnNL7jZq0yPf2Uajzq4Mp0QSoZiBuZCJZTI7D_PJWeepDcJhLrdsFw3Vp0ImxhVIjVhHYupR-b_uHs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053574e78c6380db4bb59eda949feb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6aedb223eef628facf52a4cb071e95197c774a564c4e80536b38badce4bbe8b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=Qn13FUDcexCwiDvulTiBS-hr5pjL_ujR3z6Oh6i0YvpPZ3lQwbxsrsrwFvONyyp4yYWfHXivoTCYocU56808ImMRpafnROcJcP-7p7k56X4_qiO8C5oEW_eQsaQEmAZu3PYxyFbLpbIKDLqGJ47EE8mA9uQwcfVgiqG89iYwIXen4bYkTu47n0LpnkMpyhODH80ycKCefH1RhaYodmcrMqyp7Es_A1Mfs1UQu0Fej96w1IgrPA2neYYukjwu8XlbyXyWO7Vvd17p1eCBc1L5jchOB83JQ7dNRk41pj1ncHpvmtOH4JZ1Pekx9Hg9t2-157g0-CkBlA4mIhus240C_TOfRifZ-buunuh9Ab23qZFixAXckegDC5I7kyIAIfOL2qxR80QbeiWT9DzBBVCnU_fjQhtkFQnxwjTpOmCwSjG0bwwDiI16moCaX7QPx4AVdTnJ9rjuMoNjvtFrFmJyKPpgYd1Fo4e78C6Y9gAdIsrhCZht2c4Kbro2w-Bz3l-aXRDEopAQevkk-SByohFvuQAllaJXM1ZJb6VRhQ8_cEaMH9-PBARl4s5Zx-tqHFuzEX_2uI3w4us7IjtwN-Dw0oIzm00dZcmTXzyXTHeEeFgHk-QbTFC5mqRjkZ9Wu_DuBpmXW8QoksIREdsHNvsjrKBB6MDuDRrXB2W6zdGl2O_HOTqILm6gerQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9bcc3bd772c0bb74f12db78234667813f8c585ca3d0d744f49fcee60bcb80d34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=Qn13FUDcexCwiDvulTiBS-hr5pjL_ujR3z6Oh6i0YvpPZ3lQwbxsrsrwFvONyyp4yYWfHXivoTCYocU56808ImMRpafnROcJcP-7p7k56X4_qiO8C5oEW_eQsaQEmAZu3PYxyFbLpbIKDLqGJ47EE8mA9uQwcfVgiqG89iYwIXen4bYkTu47n0LpnkMpyhODH80ycKCefH1RhaYodmcrMqyp7Es_A1Mfs1UQu0Fej96w1IgrPA2neYYukjwu8XlbyXyWO7Vvd17p1eCBc1L5jchOB83JQ7dNRk41pj1ncHpvmtOH4JZ1Pekx9Hg9t2-157g0-CkBlA4mIhus240C_TOfRifZ-buunuh9Ab23qZFixAXckegDC5I7kyIAIfOL2qxR80QbeiWT9DzBBVCnU_fjQhtkFQnxwjTpOmCwSjG0bwwDiI16moCaX7QPx4AVdTnJ9rjuMoNjvtFrFmJyKPpgYd1Fo4e78C6Y9gAdIsrhCZht2c4Kbro2w-Bz3l-aXRDEopAQevkk-SByohFvuQAllaJXM1ZJb6VRhQ8_cEaMH9-PBARl4s5Zx-tqHFuzEX_2uI3w4us7IjtwN-Dw0oIzm00dZcmTXzyXTHeEeFgHk-QbTFC5mqRjkZ9Wu_DuBpmXW8QoksIREdsHNvsjrKBB6MDuDRrXB2W6zdGl2O_HOTqILm6gerQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535306fb62cfe6c4d4cb546997bce&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4699c2811d511a7bb71e7e2f00ec00db06c8fefbe3b319c4bdf9a7f8077b1180

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=vIDnP_xY7b1UYUnfJFiUP97LJ_vnEFHIwr3kK6fbGc3uYQFt0N66RQCrtj3R3Fo2OvSai5sCYL0DTwkv8sus1Oe8i6eYs2UPYPlyyYWD2aM69_5pc3OJJ5RFq9x5gwd2W5lGOgf9bYF621YB97EfmENkwkkysAa_5EYZdIhGB4mCrPuRLnM_-4v9xXke6d3IWv1IvJgvMAS9Y9OIQ3ygvqDBL6MlX1-nC-gSxXhtxQb2fgEaYxuP6C0P6ewg5TGYG4XzLC7YP-MjhXCTbMIvR-6hoaJCvvO9pZmTfho3d8q3G0UJGj5mmWQ0Uz8CfRLfUsb_hCsDPCuZnk_ZJ-9LTrEragCrV9l3_PvXMJDU_Ihv6CWaqZ6L_ePBqZEf2uircBmrUtkA-oDW_E5s3CD28gIiP4xLdvW7NAXZqNl6YNLR9nOu1p_Lh_IeGl47g4zGPLoa4O9TqnQTAIfXmNMqDokkG6pIf_x4DLcbp5Pk0v9hRYrJqCM_PHtZF_PHZmG-CRVoCfi90vz0re3C8xyYyuOpzxltvyRvDoDTLnCOJm99EgU_eC3OFQoriFkKHtiC6i1Jlk0tSjCTgA7SafOcAYY1i-3d7kR58sRBCy2SvviOLrEXW9_ZVbWRjaUtpxDofa4OOmyTPDlbf_9E-Cjs9_MC_M-Szf-AI6J--YHdeQMNsuLdV1mpKNU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e0b9e1c344a9f070d79d9e96e61eff4bc7e7806574f553c5bca56a0b415e23ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=vIDnP_xY7b1UYUnfJFiUP97LJ_vnEFHIwr3kK6fbGc3uYQFt0N66RQCrtj3R3Fo2OvSai5sCYL0DTwkv8sus1Oe8i6eYs2UPYPlyyYWD2aM69_5pc3OJJ5RFq9x5gwd2W5lGOgf9bYF621YB97EfmENkwkkysAa_5EYZdIhGB4mCrPuRLnM_-4v9xXke6d3IWv1IvJgvMAS9Y9OIQ3ygvqDBL6MlX1-nC-gSxXhtxQb2fgEaYxuP6C0P6ewg5TGYG4XzLC7YP-MjhXCTbMIvR-6hoaJCvvO9pZmTfho3d8q3G0UJGj5mmWQ0Uz8CfRLfUsb_hCsDPCuZnk_ZJ-9LTrEragCrV9l3_PvXMJDU_Ihv6CWaqZ6L_ePBqZEf2uircBmrUtkA-oDW_E5s3CD28gIiP4xLdvW7NAXZqNl6YNLR9nOu1p_Lh_IeGl47g4zGPLoa4O9TqnQTAIfXmNMqDokkG6pIf_x4DLcbp5Pk0v9hRYrJqCM_PHtZF_PHZmG-CRVoCfi90vz0re3C8xyYyuOpzxltvyRvDoDTLnCOJm99EgU_eC3OFQoriFkKHtiC6i1Jlk0tSjCTgA7SafOcAYY1i-3d7kR58sRBCy2SvviOLrEXW9_ZVbWRjaUtpxDofa4OOmyTPDlbf_9E-Cjs9_MC_M-Szf-AI6J--YHdeQMNsuLdV1mpKNU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352afa24c051dd44c79cdd1f2cb4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8ea2418afe97ed9c9de6989252fe6d89adb948565b76b29fb285a735e10f92fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=6VbHsCA45BoVSGWftLUGsihPT6-_2C1mqp5idCEeftQmADDvOjxySvrQPkEjoTWUY4pplwpV7PIpoZU9wtcAP4XLMfsmFmfeSpbwV8Tap6PGn7oK7Sgs6xAl8VZ_kM0riaKMQc1umnvbsBwkgW_6jCNAF1MoonBGU0bisvAAlMEIANJVkk0YV26uATYmb-pfYsSXUCGjsTj8VUAa-XsBodGOsR7RMZSdbZg9pquOpF4UAz1LzCZCk9WTwetdKlgEKwen8Q6foMIp1zfh1uoAu0IdJMPOb5KPuZyvpOZjRFzxWLm2KiBsGjV_c-qH-vaQLUpMjXWdqQuAxc2LL_AlLhoP1bZBGJFxjznxMu0o68xh-hT_JHKQZ51YgC9_NTACjEph3LgXpEmVYqjpgsjfWybt9c35BrVBv4IOzPCftgIvay1CZzOV3UorVqVuyLDzVgaUeGrc970hJ4_KEDehysAt7PzRjNat8dErnWRnDZxO0A2-IS6aO6uTwXJaaHEur81PcRYCfWXGC_VkzZwNQM9O2PxbCNJpCtDIYWgNkkrGR5YVCH6XLze3cgYMEZMbexvGfOCrAAmyze2ZIBY2LQqLMxieU8-IqpuZoAGwkAFULa-MyLRGgx-wV53Jf6RjDK893ATDHrmWdL9gUTOIiqbGptxavN9wu-jpf816i8DbzeQfoPmwT30=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3a4c4928cdaad89bc9603404f1762d99081a9801e5219e481c8fb2b9cc82b7f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=6VbHsCA45BoVSGWftLUGsihPT6-_2C1mqp5idCEeftQmADDvOjxySvrQPkEjoTWUY4pplwpV7PIpoZU9wtcAP4XLMfsmFmfeSpbwV8Tap6PGn7oK7Sgs6xAl8VZ_kM0riaKMQc1umnvbsBwkgW_6jCNAF1MoonBGU0bisvAAlMEIANJVkk0YV26uATYmb-pfYsSXUCGjsTj8VUAa-XsBodGOsR7RMZSdbZg9pquOpF4UAz1LzCZCk9WTwetdKlgEKwen8Q6foMIp1zfh1uoAu0IdJMPOb5KPuZyvpOZjRFzxWLm2KiBsGjV_c-qH-vaQLUpMjXWdqQuAxc2LL_AlLhoP1bZBGJFxjznxMu0o68xh-hT_JHKQZ51YgC9_NTACjEph3LgXpEmVYqjpgsjfWybt9c35BrVBv4IOzPCftgIvay1CZzOV3UorVqVuyLDzVgaUeGrc970hJ4_KEDehysAt7PzRjNat8dErnWRnDZxO0A2-IS6aO6uTwXJaaHEur81PcRYCfWXGC_VkzZwNQM9O2PxbCNJpCtDIYWgNkkrGR5YVCH6XLze3cgYMEZMbexvGfOCrAAmyze2ZIBY2LQqLMxieU8-IqpuZoAGwkAFULa-MyLRGgx-wV53Jf6RjDK893ATDHrmWdL9gUTOIiqbGptxavN9wu-jpf816i8DbzeQfoPmwT30=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355df233364580423c93c6d00b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
51f99b831c0b554666d1a53fb323b0a40a8356c4e348a99ec8b2fdf3d0967231

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=91mmc3o2hu1I8PRE1FU-_Do1hH657_rESoEednLSqDpQeSJrxokmAVDMjE6CWDI8SXJ8l3_g0q6NY6CNf-3B83pHCY2il8gAxoMV9h4wFGrOmhZcWIhyOIumi0Lfst8flvdN6SrT4dwtPyBrTjsAEdYNfKj9xwfOsrCtmP082IhK17a4APfZCxJMH9WKkUHFGZ2bKUeOVsujk6kNbw7qv4EBYRFMgfSHwTmYdBNdE13aP3RdnSpxVKuAKDOHP-JOWG1DtaQh4drJnUAdbs6lg8Cwxgwy2lNTZcJGlEak1uk0VP18Xm_V6Yhm7M4aIMgbVxXLgRrzwe8vfqkxaFKqZRaqduqL78Het2yggQX3jwm0NbERONxOroDem7F9CBRO1rlSEJUqtEoZKvO65H1QFjYz_9Er7BKTsPlNd3-14AC7IOcFlzFbNfBE_n9uS0kM5NIu2pIgwcTj-UFofeWD0NhgZb2MCZ2kuuDSQ5W_f0lw2RaDbYXI3YEP-SOBIsRyFBeqy67a56fE-hqvVKQqivd1c5WFZvSXq5qPx1Ysr6ICDIrGZk7owm86Fim_1AcVZ_v_exbwO3xNsvMGdimLjix77lWzvd6voRy9Ykq14CVJssH_-FoT_khvudm2O2jno6vDJQ-C-x2wJnRmL81I1ihWJQqWrR25E-8T_t5RWtJOBhSDxJ8RDD0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5551a6d519679faf4bc60318154cada04b009cbba2f59971366aad2824034a42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=91mmc3o2hu1I8PRE1FU-_Do1hH657_rESoEednLSqDpQeSJrxokmAVDMjE6CWDI8SXJ8l3_g0q6NY6CNf-3B83pHCY2il8gAxoMV9h4wFGrOmhZcWIhyOIumi0Lfst8flvdN6SrT4dwtPyBrTjsAEdYNfKj9xwfOsrCtmP082IhK17a4APfZCxJMH9WKkUHFGZ2bKUeOVsujk6kNbw7qv4EBYRFMgfSHwTmYdBNdE13aP3RdnSpxVKuAKDOHP-JOWG1DtaQh4drJnUAdbs6lg8Cwxgwy2lNTZcJGlEak1uk0VP18Xm_V6Yhm7M4aIMgbVxXLgRrzwe8vfqkxaFKqZRaqduqL78Het2yggQX3jwm0NbERONxOroDem7F9CBRO1rlSEJUqtEoZKvO65H1QFjYz_9Er7BKTsPlNd3-14AC7IOcFlzFbNfBE_n9uS0kM5NIu2pIgwcTj-UFofeWD0NhgZb2MCZ2kuuDSQ5W_f0lw2RaDbYXI3YEP-SOBIsRyFBeqy67a56fE-hqvVKQqivd1c5WFZvSXq5qPx1Ysr6ICDIrGZk7owm86Fim_1AcVZ_v_exbwO3xNsvMGdimLjix77lWzvd6voRy9Ykq14CVJssH_-FoT_khvudm2O2jno6vDJQ-C-x2wJnRmL81I1ihWJQqWrR25E-8T_t5RWtJOBhSDxJ8RDD0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053592db0c741aaa423ba191af0f2a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
704bbe1bbd1790f52444e10d1b5f948efbb02906ca4fa86b7463c516031e4902

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=mUbgnCDDHlwpxx_LsLhG08gH-d8ITkHo2JrasPKZ6veA4uGqpLEwy2hEZEfkeQzvtjuXIRr9G1TA9Ac5zEbyQ7RcGaYzFIPKay9tN7ABREaAbNskpjXpsiU3LUg-5CrfmwryRunoIW3vu5M5qo1ghgN4ATcPHMzMMfqH47hyxuWs9DwQab9dm2tG2cOknjUTyq2nLx-PD13zloBAQfD5-PvY-W1_R9J5x6CFK189uqBu-7SQs7SR2xaGaMeAMxURlFZ3LtgFAtkmKwavnDLt6IpGnY0xrEcZ9cG9YNn0vy-TZ88-rrQpp4cYHnVzFbusW-h-RI3SKlqMOMN0Ab-y3V1iwnPpbR6iN8LzMMavoO5nS-10VtXVgmNdVYwxBce23W8RPSpwxiuuLiNRvaUXMylUT6StnJBTjDWeG6CjCRcQG9ZvOLZw5nqo35fgAp5G4wpmkfe7LICnuwlkTJozddqMzhfwsmLx3Iaq8TUMHbIXfUg5ekzsDp8pd5A871WPjg5G60DTQGVakvNikTLzMjh083TvRwqiaw7tAlZFK1yJvtvPtA8ZMYwX9JmNzSmHLz13nR86YPmTpfgLyZSqYEZUk346T5OMKZy34qq1uXMG0om_AwgCwZt8Vns0VD1uWzkJrZguAveM9BSz4yUdkWK9v8jImUpXO6RrDatMyiVcsSsAU9GOiso=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eb887494cab7227431710942fafe80273d5eafa5dc6e3cc6a0ffd92f78d2e15f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=mUbgnCDDHlwpxx_LsLhG08gH-d8ITkHo2JrasPKZ6veA4uGqpLEwy2hEZEfkeQzvtjuXIRr9G1TA9Ac5zEbyQ7RcGaYzFIPKay9tN7ABREaAbNskpjXpsiU3LUg-5CrfmwryRunoIW3vu5M5qo1ghgN4ATcPHMzMMfqH47hyxuWs9DwQab9dm2tG2cOknjUTyq2nLx-PD13zloBAQfD5-PvY-W1_R9J5x6CFK189uqBu-7SQs7SR2xaGaMeAMxURlFZ3LtgFAtkmKwavnDLt6IpGnY0xrEcZ9cG9YNn0vy-TZ88-rrQpp4cYHnVzFbusW-h-RI3SKlqMOMN0Ab-y3V1iwnPpbR6iN8LzMMavoO5nS-10VtXVgmNdVYwxBce23W8RPSpwxiuuLiNRvaUXMylUT6StnJBTjDWeG6CjCRcQG9ZvOLZw5nqo35fgAp5G4wpmkfe7LICnuwlkTJozddqMzhfwsmLx3Iaq8TUMHbIXfUg5ekzsDp8pd5A871WPjg5G60DTQGVakvNikTLzMjh083TvRwqiaw7tAlZFK1yJvtvPtA8ZMYwX9JmNzSmHLz13nR86YPmTpfgLyZSqYEZUk346T5OMKZy34qq1uXMG0om_AwgCwZt8Vns0VD1uWzkJrZguAveM9BSz4yUdkWK9v8jImUpXO6RrDatMyiVcsSsAU9GOiso=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053550d3cd45c65d4f2ebf1bdefd5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2acab3ae7d16ea1f4371a7afebfafbdc813cc866536afefd5e9768eb35939531

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:49 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=fjVEpnqxkOIJ7l_ZdZAUVXW5cab98TKJMAez1CNGlF6tf-01hY9KiCN96oN_6Nn4t8NkEn2WzHl5EBxKFcwmBOJU6mT8ocgmnC7PE1ddj-4yi1UGmQv4AafbKSPIcOLXrJC9wG3G_3lteGAmUToITzojDIVN835Lgldhtvtwqrg22RYzBpNCWBWddK0k72NE2yuxGZ-5G8ffGtciI6y4tgrwj0AzJQx8injjyaZSs9pl_o2m9yHrDpy_k3l_swHhSr3CUUHCr0MAP_XxQiQNsp9-7Bmy_w_tXzeDkbkWGInWALM_-DxVesnglobS_G2ClE16CtLglP_eqKN8NucdUBt8Jpq5Ju6YYdH-DEc-qTm5rtmYCez_THbYmdquy8x2KBZ-8JOUYcV8gKU4ET8iyQWY1lZ8Lgfyb7vqHm2XnITOxpohjclhsp4sqZqX9oVObtPY9NSnSAwOUsky0_CilHwT0ASpJv0pWCGMHeIyWAwgJi0V2CuQxVFjikRk8fxClrnQ6uIvqoKweYrLUVCu7PPt04IjQwtswQ6dweWP_Cj7e8NVPeYqDMrFT52bL6I26Yfzpr1xpamQwL2BsEFZGVgf8DzFlTNfyCywjzrQRKw7L_AivwgyFTeHK4ImcNe9MyOvOgJCRWVLdEgwJsnvPXn-yQ39ZkrQXQ2vxltwhypb0UkfvzgQrRw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
74015655847d1004ba26afa39d6b72adf76e793c9a726c67e3a0530f4230e31c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=fjVEpnqxkOIJ7l_ZdZAUVXW5cab98TKJMAez1CNGlF6tf-01hY9KiCN96oN_6Nn4t8NkEn2WzHl5EBxKFcwmBOJU6mT8ocgmnC7PE1ddj-4yi1UGmQv4AafbKSPIcOLXrJC9wG3G_3lteGAmUToITzojDIVN835Lgldhtvtwqrg22RYzBpNCWBWddK0k72NE2yuxGZ-5G8ffGtciI6y4tgrwj0AzJQx8injjyaZSs9pl_o2m9yHrDpy_k3l_swHhSr3CUUHCr0MAP_XxQiQNsp9-7Bmy_w_tXzeDkbkWGInWALM_-DxVesnglobS_G2ClE16CtLglP_eqKN8NucdUBt8Jpq5Ju6YYdH-DEc-qTm5rtmYCez_THbYmdquy8x2KBZ-8JOUYcV8gKU4ET8iyQWY1lZ8Lgfyb7vqHm2XnITOxpohjclhsp4sqZqX9oVObtPY9NSnSAwOUsky0_CilHwT0ASpJv0pWCGMHeIyWAwgJi0V2CuQxVFjikRk8fxClrnQ6uIvqoKweYrLUVCu7PPt04IjQwtswQ6dweWP_Cj7e8NVPeYqDMrFT52bL6I26Yfzpr1xpamQwL2BsEFZGVgf8DzFlTNfyCywjzrQRKw7L_AivwgyFTeHK4ImcNe9MyOvOgJCRWVLdEgwJsnvPXn-yQ39ZkrQXQ2vxltwhypb0UkfvzgQrRw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053510617ff77fd242afaafa8b9e1f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8ad238f1fb2ee557f2b367e9d6e13c65513b5c63caf3b0b7cb6760097c4063ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=5YID-4SauU8VyKlGH5bY1cnmxm80KtLeR6C4dRe0Y0K8IBnizv4WKdhQZf5C7j_nd0Vb0SnWr24COzKxYPiv5MlYOFLD4kZAxp6rQCSSLGZOe31zim2SpGWxn0SnfLOA5iM67SeHqz6WpjiVzzPo0nM0ABI4Dc3_RdyKBAHRtJGPKtT4mX3z7TxP-bsQSBOpe4Ngm6rTL6pC5cus17qOEZEGImXKO2y4L0a61lrtL6uxK_h2XoorD4gItM-RN_fPNWceYLHm6grnORaxPHFtZLgzgyEdYmn8hLbNjumMMheV_cx4WIfP-nwi03FR22S5MTL3dUHO3Rdx2pLtEDOgRSKRz6SBKj-YVg_2kXRHXvmdvK5yanz-6XI3Iybik7rHhxdncC5QgMB602k7xiVBhfhbZuI73GUPWhMGibfIGyVX6qV0mj1YEMOR133BoYgBD27V392_s-wPUm-9iHiIDrXCOWG-8V-EHwdwqgkm-5Sdx1JAs90vWzimQdRQR1MKS5V4KRcMrx0d-iGQPDaBVf_yUUqj02hCnHXX5X9x66QS3SYX4n2trisfjKbO5Rp4reSqBkXbQhwJGvoeuuO7U-u0S9c5fFQz8ySiJwFU0K2jpx5uWYsUt_LdjbqJ0Nz1u3c_K2raweJ0eGBB4ELitMkK-kXsdfig6535M003Ni1UB652jAzqrqE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
686977e779904db10b788116c5ba88abd5fc03993e50aba5f3825ca8cea0cebd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=5YID-4SauU8VyKlGH5bY1cnmxm80KtLeR6C4dRe0Y0K8IBnizv4WKdhQZf5C7j_nd0Vb0SnWr24COzKxYPiv5MlYOFLD4kZAxp6rQCSSLGZOe31zim2SpGWxn0SnfLOA5iM67SeHqz6WpjiVzzPo0nM0ABI4Dc3_RdyKBAHRtJGPKtT4mX3z7TxP-bsQSBOpe4Ngm6rTL6pC5cus17qOEZEGImXKO2y4L0a61lrtL6uxK_h2XoorD4gItM-RN_fPNWceYLHm6grnORaxPHFtZLgzgyEdYmn8hLbNjumMMheV_cx4WIfP-nwi03FR22S5MTL3dUHO3Rdx2pLtEDOgRSKRz6SBKj-YVg_2kXRHXvmdvK5yanz-6XI3Iybik7rHhxdncC5QgMB602k7xiVBhfhbZuI73GUPWhMGibfIGyVX6qV0mj1YEMOR133BoYgBD27V392_s-wPUm-9iHiIDrXCOWG-8V-EHwdwqgkm-5Sdx1JAs90vWzimQdRQR1MKS5V4KRcMrx0d-iGQPDaBVf_yUUqj02hCnHXX5X9x66QS3SYX4n2trisfjKbO5Rp4reSqBkXbQhwJGvoeuuO7U-u0S9c5fFQz8ySiJwFU0K2jpx5uWYsUt_LdjbqJ0Nz1u3c_K2raweJ0eGBB4ELitMkK-kXsdfig6535M003Ni1UB652jAzqrqE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053501100fc1a058429c8462e6edbf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d68364699b1914caa45865d0bce4f04e80da48b5bc0ff8b13fde039d4d8b5f35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=gZdu6n_dzti7lExo3fvokYzUKZluIbxp0uZtLKeLqMWmo-0ngWW32RpKnEsPDMN4EuiqphSHpBe2Np3xPdQScac_ZuWEXVxna6QZJ5DRMkD7n_DpuYwpUS_ggdvJlF_PV5WsSbAzhVdkfBFSI9r5V7kzH2v8raFaAjo1iaP1EHg9VTkEuPkdlEwFN9Rj6m-PrhQPB7cA1cx6vz9xUgGRCTEiBNxhkQj37efP_6-ZWZRvxWWhTaQPAfrjLRn2xu0bAv9H2oNWfV_t55TmpqLjuToE98j5szoiCtj2L1pMjB_lm_JBopH1pIfSBiokr7fjAzLe0YTNPoT5_DDZo46e3LcIqECFDvS7sFUga5X8cWdRgm4-cKy2kLzVB8djhNbPHe66o0e1fzs82hpMxKJwCx39KBene6-8nYn9G5CSWeObxdJkjS77DAJViT4nGcaEFw7g1wt17gPAsC0tPnv8gaIpf6HCT1ZDgEHLWk97-JNWLJq7Oe7bBpjFIYrQqv2nAQ_4y0kdj-Dtaa4ZI_iSc4UQ4XBdlN_ziWPTJz8OSjUZniy1uMH6DF-zLrDBgVS0PPEz4sWPq2hrHeg3Uz0EqDo6ExcJv2IN50KlCJYZVYmlK7ZKWRZImVZN1Eh-_LgR4h9IAZ861HkSXJyi2qrfc4g1iVqmN7-iuUhsYsFQ6YIe7ju0jwVulaw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f076344e9cd330205f4aa8d5fee49e7c228585a6f24ddc676149657948ce5a99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=gZdu6n_dzti7lExo3fvokYzUKZluIbxp0uZtLKeLqMWmo-0ngWW32RpKnEsPDMN4EuiqphSHpBe2Np3xPdQScac_ZuWEXVxna6QZJ5DRMkD7n_DpuYwpUS_ggdvJlF_PV5WsSbAzhVdkfBFSI9r5V7kzH2v8raFaAjo1iaP1EHg9VTkEuPkdlEwFN9Rj6m-PrhQPB7cA1cx6vz9xUgGRCTEiBNxhkQj37efP_6-ZWZRvxWWhTaQPAfrjLRn2xu0bAv9H2oNWfV_t55TmpqLjuToE98j5szoiCtj2L1pMjB_lm_JBopH1pIfSBiokr7fjAzLe0YTNPoT5_DDZo46e3LcIqECFDvS7sFUga5X8cWdRgm4-cKy2kLzVB8djhNbPHe66o0e1fzs82hpMxKJwCx39KBene6-8nYn9G5CSWeObxdJkjS77DAJViT4nGcaEFw7g1wt17gPAsC0tPnv8gaIpf6HCT1ZDgEHLWk97-JNWLJq7Oe7bBpjFIYrQqv2nAQ_4y0kdj-Dtaa4ZI_iSc4UQ4XBdlN_ziWPTJz8OSjUZniy1uMH6DF-zLrDBgVS0PPEz4sWPq2hrHeg3Uz0EqDo6ExcJv2IN50KlCJYZVYmlK7ZKWRZImVZN1Eh-_LgR4h9IAZ861HkSXJyi2qrfc4g1iVqmN7-iuUhsYsFQ6YIe7ju0jwVulaw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=gZdu6n_dzti7lExo3fvokYzUKZluIbxp0uZtLKeLqMWmo-0ngWW32RpKnEsPDMN4EuiqphSHpBe2Np3xPdQScac_ZuWEXVxna6QZJ5DRMkD7n_DpuYwpUS_ggdvJlF_PV5WsSbAzhVdkfBFSI9r5V7kzH2v8raFaAjo1iaP1EHg9VTkEuPkdlEwFN9Rj6m-PrhQPB7cA1cx6vz9xUgGRCTEiBNxhkQj37efP_6-ZWZRvxWWhTaQPAfrjLRn2xu0bAv9H2oNWfV_t55TmpqLjuToE98j5szoiCtj2L1pMjB_lm_JBopH1pIfSBiokr7fjAzLe0YTNPoT5_DDZo46e3LcIqECFDvS7sFUga5X8cWdRgm4-cKy2kLzVB8djhNbPHe66o0e1fzs82hpMxKJwCx39KBene6-8nYn9G5CSWeObxdJkjS77DAJViT4nGcaEFw7g1wt17gPAsC0tPnv8gaIpf6HCT1ZDgEHLWk97-JNWLJq7Oe7bBpjFIYrQqv2nAQ_4y0kdj-Dtaa4ZI_iSc4UQ4XBdlN_ziWPTJz8OSjUZniy1uMH6DF-zLrDBgVS0PPEz4sWPq2hrHeg3Uz0EqDo6ExcJv2IN50KlCJYZVYmlK7ZKWRZImVZN1Eh-_LgR4h9IAZ861HkSXJyi2qrfc4g1iVqmN7-iuUhsYsFQ6YIe7ju0jwVulaw=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=gZdu6n_dzti7lExo3fvokYzUKZluIbxp0uZtLKeLqMWmo-0ngWW32RpKnEsPDMN4EuiqphSHpBe2Np3xPdQScac_ZuWEXVxna6QZJ5DRMkD7n_DpuYwpUS_ggdvJlF_PV5WsSbAzhVdkfBFSI9r5V7kzH2v8raFaAjo1iaP1EHg9VTkEuPkdlEwFN9Rj6m-PrhQPB7cA1cx6vz9xUgGRCTEiBNxhkQj37efP_6-ZWZRvxWWhTaQPAfrjLRn2xu0bAv9H2oNWfV_t55TmpqLjuToE98j5szoiCtj2L1pMjB_lm_JBopH1pIfSBiokr7fjAzLe0YTNPoT5_DDZo46e3LcIqECFDvS7sFUga5X8cWdRgm4-cKy2kLzVB8djhNbPHe66o0e1fzs82hpMxKJwCx39KBene6-8nYn9G5CSWeObxdJkjS77DAJViT4nGcaEFw7g1wt17gPAsC0tPnv8gaIpf6HCT1ZDgEHLWk97-JNWLJq7Oe7bBpjFIYrQqv2nAQ_4y0kdj-Dtaa4ZI_iSc4UQ4XBdlN_ziWPTJz8OSjUZniy1uMH6DF-zLrDBgVS0PPEz4sWPq2hrHeg3Uz0EqDo6ExcJv2IN50KlCJYZVYmlK7ZKWRZImVZN1Eh-_LgR4h9IAZ861HkSXJyi2qrfc4g1iVqmN7-iuUhsYsFQ6YIe7ju0jwVulaw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605351fb49ae673eb4be49b81c6d89a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
92c40c264a590de09d274426dba7e963b0fff8ea9ffec828cf14d3f02dfb200c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=OeBXw7A8Sn2DWxxn9v52xHy928y17qRSgw6gwK9NAi-XrOLrbVV4jGs-vTqb9R6G6lmtA59qUEPbMxZATkRVKY2DtA7bqv7CKTUQjUJ4uH7NHA9CQy4VGIY5qiEDKE1wlrNs0oMkKSnQOp80OEHFsiKrre7Upzrx3icTkuuCFa38j81IFhgJCqguh63OoyxJ3tPAW7MBRgYu08P0ES5o8CNJhlaXj_2FyytOKOhKBXJI5bd-MyzQI--80pJ_qEnNF2QF4789Qk2YBbbRB0HaYAeanrigMKMuBMCdBpm_OAyb4gXHI-nce0Pv9wukLEQHAJtFJY9bTDIczyBexuSOn8aqrWoC952tBpkTjJiApU-r9jl-lxQqEj6dzB-ECoY_7UDXARMRIhHrrA-dZ8t2sOFim3wH2l9vzjzWs34S6BiHjxGlFIcRjhk69Ov2FKVSKl8z65zvMk8Do-wd5LSVgsF2HRoK830xnITbRRu6gW_0urWyf0PKUGaHPg_u_y5nE0qKvu3AIRESy-juQ6cHtgS2kf7Y5h3ZTkyqz7e5KXtNSR8vE90_xeqIyma8khSBxsnE3ueyf373hhCpgN7NXB2khMPzIb98GjIlV36WT1Vmhk8jRjlZGH312Kc3YJzSYsZcGgmQzAHBAOpWJMidPaLrIFjMrgiP204HjjVQKZiqb-yaK1U6uS0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eb32432eb3873c9b1ff5ef19f9bbe0071472546a9d5189ebc19d685186cfd0f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=OeBXw7A8Sn2DWxxn9v52xHy928y17qRSgw6gwK9NAi-XrOLrbVV4jGs-vTqb9R6G6lmtA59qUEPbMxZATkRVKY2DtA7bqv7CKTUQjUJ4uH7NHA9CQy4VGIY5qiEDKE1wlrNs0oMkKSnQOp80OEHFsiKrre7Upzrx3icTkuuCFa38j81IFhgJCqguh63OoyxJ3tPAW7MBRgYu08P0ES5o8CNJhlaXj_2FyytOKOhKBXJI5bd-MyzQI--80pJ_qEnNF2QF4789Qk2YBbbRB0HaYAeanrigMKMuBMCdBpm_OAyb4gXHI-nce0Pv9wukLEQHAJtFJY9bTDIczyBexuSOn8aqrWoC952tBpkTjJiApU-r9jl-lxQqEj6dzB-ECoY_7UDXARMRIhHrrA-dZ8t2sOFim3wH2l9vzjzWs34S6BiHjxGlFIcRjhk69Ov2FKVSKl8z65zvMk8Do-wd5LSVgsF2HRoK830xnITbRRu6gW_0urWyf0PKUGaHPg_u_y5nE0qKvu3AIRESy-juQ6cHtgS2kf7Y5h3ZTkyqz7e5KXtNSR8vE90_xeqIyma8khSBxsnE3ueyf373hhCpgN7NXB2khMPzIb98GjIlV36WT1Vmhk8jRjlZGH312Kc3YJzSYsZcGgmQzAHBAOpWJMidPaLrIFjMrgiP204HjjVQKZiqb-yaK1U6uS0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053588a1e3131c584815830484e4be&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
47f50bb43506b9950439c592da3a81092cfc90ea4cbb8d555b8e8285da6247dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=ESszcBASHx9NBhEE1UthM2n2yjaTpDFXsJizXIapJwOK6ZlLPGhM20O_NpkyLYJsDscz_shZR92Et8fCoQSbmr7r62ije7y6o3E5tIF0T6MjHk84kNdfNSzWizvO1mtzH2WpYWYYfQphurpR1PN3MO1hH08iJU8MFvb4iu3bYmEwBQ0900otAxikwPVE2NlBNMrJ_9GoNybH1w-lBouZBpjZGaF9kb9Z-TIcfmkesN9Zd_LkHQZarqJjACgW1X1Z-MieJ80iwYOPghova96GECaFBPBvJrsuczGlA_RtenyAkbqO0K-_Txlo-jl2tSOTwy2DUz_94HOkn67w_Xp5BJq3wjOmSfYo6LGkRylugKIm-EEjePaxDj_JMovTnOQC8vNqxObis7ljnUULP9TLfp0xWditwqzWBU0uBxzONz_TCoDnbuZWvAEoVQxet3Xl5_doBngrKxXFtY_BjiCIHTBt4kyghi88l3EAIKAyD4tDBXwhDiWxz7bEnAH3D7EVClhoVI7uv88K0dUwnH5-XmPcdXKt8NSwo37eeBxsZKdg1aaRLVEezC5fAjMEoH97CERKnYTfL0RfS1qYnzTabeuA31eHfqVVpQBKMkALyFTGVNghFrwW8WyHyDzKnolDHcxGMJ6ukiAkA61U0XK4P0TtwiK-Pj8M1_yifcSZeRayFt7oaTcKQN0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6befec23b32b052f7be4f6fd6394cb565924bf7595c972d65c0ac15fa2681822

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=ESszcBASHx9NBhEE1UthM2n2yjaTpDFXsJizXIapJwOK6ZlLPGhM20O_NpkyLYJsDscz_shZR92Et8fCoQSbmr7r62ije7y6o3E5tIF0T6MjHk84kNdfNSzWizvO1mtzH2WpYWYYfQphurpR1PN3MO1hH08iJU8MFvb4iu3bYmEwBQ0900otAxikwPVE2NlBNMrJ_9GoNybH1w-lBouZBpjZGaF9kb9Z-TIcfmkesN9Zd_LkHQZarqJjACgW1X1Z-MieJ80iwYOPghova96GECaFBPBvJrsuczGlA_RtenyAkbqO0K-_Txlo-jl2tSOTwy2DUz_94HOkn67w_Xp5BJq3wjOmSfYo6LGkRylugKIm-EEjePaxDj_JMovTnOQC8vNqxObis7ljnUULP9TLfp0xWditwqzWBU0uBxzONz_TCoDnbuZWvAEoVQxet3Xl5_doBngrKxXFtY_BjiCIHTBt4kyghi88l3EAIKAyD4tDBXwhDiWxz7bEnAH3D7EVClhoVI7uv88K0dUwnH5-XmPcdXKt8NSwo37eeBxsZKdg1aaRLVEezC5fAjMEoH97CERKnYTfL0RfS1qYnzTabeuA31eHfqVVpQBKMkALyFTGVNghFrwW8WyHyDzKnolDHcxGMJ6ukiAkA61U0XK4P0TtwiK-Pj8M1_yifcSZeRayFt7oaTcKQN0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e12b05f3a0fd4000a85857c19e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fe1e3f3a05470421a78b26615ae02a6f726af210dfafcca0d8850cb62dfccf5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=dthBuQFxM-QpVFLYO88qcaZO2D0Okqe-9YnCpKJEEglmTiSVcovt_A_d5ofAseUN7-RpCdX5btk4bxIq7d5OG2UMEnrGFuLayFXelAd6tUHFnAlrRi7R86hJzgKtrM3qlf1oXR0DUxS4WDJteHgyGg_gMHTNNKnNDYklzNSeGzGtroFn7dDhbqUIMTsZZ0TkOEyGu8Sjm5F2wRmz1FVnj0fr7DfUkjWFsNAY34gmAly5XOv09oletqljqPWTi66Jwdsz0QzGcWISWwChAs59x-N4TWecgqJW6h6uHNeZfxjo7xy5R8mHn7km7M_EvAp2qPQD66RehCOSVzibBniImoj7Nl94y-iV7BAehcfiVRX15H6G8uSIJgFarM9388TgF2zFzs836tOaEZCSDK-zO96_yE4e3HMfgrZlRboyQ0_xqdl4rl3yMGm99QGzxpZC_87XNEsCPEiFVwjA23Y7rVdgFRizdpEmPd_LA3dcFuUz0xM4-uIY972S896fbsowmZ4pp2zyfcAroTam3rZaAFCgL1SPycAKJj9pq1voPhEOoQLGN2PYGf7kyR6AdPLCJCuSE65cdfBiwB4WRdzEp13oUOt_mn5Xs5Tr51_Z1NuvFeX4xF4f0F7cXY_uB1_ICZx7mG6eMaly18You4HsF9gCO-xAdRh_fCRYhyqYUq3ocktXUiYPwdg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3f292a6e0229940879790ddc98633ebc11f5d7e80d489aecfe5a1566ccc8399a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=dthBuQFxM-QpVFLYO88qcaZO2D0Okqe-9YnCpKJEEglmTiSVcovt_A_d5ofAseUN7-RpCdX5btk4bxIq7d5OG2UMEnrGFuLayFXelAd6tUHFnAlrRi7R86hJzgKtrM3qlf1oXR0DUxS4WDJteHgyGg_gMHTNNKnNDYklzNSeGzGtroFn7dDhbqUIMTsZZ0TkOEyGu8Sjm5F2wRmz1FVnj0fr7DfUkjWFsNAY34gmAly5XOv09oletqljqPWTi66Jwdsz0QzGcWISWwChAs59x-N4TWecgqJW6h6uHNeZfxjo7xy5R8mHn7km7M_EvAp2qPQD66RehCOSVzibBniImoj7Nl94y-iV7BAehcfiVRX15H6G8uSIJgFarM9388TgF2zFzs836tOaEZCSDK-zO96_yE4e3HMfgrZlRboyQ0_xqdl4rl3yMGm99QGzxpZC_87XNEsCPEiFVwjA23Y7rVdgFRizdpEmPd_LA3dcFuUz0xM4-uIY972S896fbsowmZ4pp2zyfcAroTam3rZaAFCgL1SPycAKJj9pq1voPhEOoQLGN2PYGf7kyR6AdPLCJCuSE65cdfBiwB4WRdzEp13oUOt_mn5Xs5Tr51_Z1NuvFeX4xF4f0F7cXY_uB1_ICZx7mG6eMaly18You4HsF9gCO-xAdRh_fCRYhyqYUq3ocktXUiYPwdg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605351744f709cfe84b4b931438174f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
47c74cf8a19c78b1d288cea94404bde59072e62d53f9d1e4932e44fb43480985

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=yniSpc3MeSt3BKVj2Jj_jxFUeg1VtjiX7VH6UeXSs2TPgGica33NGEag3HXwEG1jW_Ex6L9WbjG3ERaCbDigCja_iaJwSMSnSnptiySSN63DEYh-qA7S3vEF6osJXsXoX6KyFw1RTX-UiRhpF063qAcY0UpMgLICOhOlTIFvgNqlMY0Xo6rqQmKj9zRnUIBe516G_Ihp8qvhb1paAAjHQ6fBLVJA-df0trYBaHXg7H-2RMoJ-tL1LKzJiIGu25OM8sJ8Hzz5gRjWgUAmUMMnAw3MHdOTPudf-cwhTwjupQBtTsjVHOEFxvr3uzkXZxiYsYvq9ufwko7Nl-CgZhScjH42_ap_YZnsK5q26HjXPj7tYUl6HBtbPTJWlyzHQgQeTEonY2QL4nUB6x24y4re2G3N3j9Hayr01quz-UVxkicDkjMS0GIfyhwIdN37XStkuvE1uxp2Z_yZQTMu4fa3SiNTCwdSBMBNcj9f6BdFDxwiFo1e5PjhQ3YE7kdhnN4cUjShPw5uK6dnzHn9FADRDBvhq10AId71xUWJ6f_XNlBVOgOsFUPV2uP7AT8iQRQElxXaY_dSRUA7nGl8T6S-34OAA2x-XKWQbUs5d4plmzHqp6Vs6-NU98chCtRjBht8r3nFyj_d5BT8_1GlCaNNqRmRBjXvAarOF1K8-DBdfut0hHLVQVTxhqU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
14e69018f3c171e554322608e5dca043c4488dd29b00a1c10df48352843794fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=yniSpc3MeSt3BKVj2Jj_jxFUeg1VtjiX7VH6UeXSs2TPgGica33NGEag3HXwEG1jW_Ex6L9WbjG3ERaCbDigCja_iaJwSMSnSnptiySSN63DEYh-qA7S3vEF6osJXsXoX6KyFw1RTX-UiRhpF063qAcY0UpMgLICOhOlTIFvgNqlMY0Xo6rqQmKj9zRnUIBe516G_Ihp8qvhb1paAAjHQ6fBLVJA-df0trYBaHXg7H-2RMoJ-tL1LKzJiIGu25OM8sJ8Hzz5gRjWgUAmUMMnAw3MHdOTPudf-cwhTwjupQBtTsjVHOEFxvr3uzkXZxiYsYvq9ufwko7Nl-CgZhScjH42_ap_YZnsK5q26HjXPj7tYUl6HBtbPTJWlyzHQgQeTEonY2QL4nUB6x24y4re2G3N3j9Hayr01quz-UVxkicDkjMS0GIfyhwIdN37XStkuvE1uxp2Z_yZQTMu4fa3SiNTCwdSBMBNcj9f6BdFDxwiFo1e5PjhQ3YE7kdhnN4cUjShPw5uK6dnzHn9FADRDBvhq10AId71xUWJ6f_XNlBVOgOsFUPV2uP7AT8iQRQElxXaY_dSRUA7nGl8T6S-34OAA2x-XKWQbUs5d4plmzHqp6Vs6-NU98chCtRjBht8r3nFyj_d5BT8_1GlCaNNqRmRBjXvAarOF1K8-DBdfut0hHLVQVTxhqU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053545c778eadfa7440c80851814d3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e970b688e8c3f8d94d912b6cef8bc62d13458f13c41080a7bca91ba7770aa81a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=aGqOoQz2tHTnfr7W8CBFUDXY3hp6UQl7UlsL-pqzdkZX40M-8hs-xsDFNpFM8AZLEpX6M9_lA7dpdbmBkPW0PJ4c95ZnouTtQvczzx5gVz4DHw569_F_kRgNneaAj5cQPte_Ip_s2piATAsQ6BjgdUFnBkyraRICdZUr4n0NLzfs38ghz_R12zPpcCwPCUdMxFRSS05b2Mo3Ed2RJBOrqZePh6lZ4S5ZuXoak2V0xL8CPwnL8g0TwIv76DcKMmKdTHwwW550xeeT_ZIljz8AyBPG4-pypsvqKyjSxSJdDtwRXOV7Z2MotDv25yuY0KFwF-lLjL_2BOQUAZuL0hrY3cDtt7N7CObRHNNNQAcbsrhYd1hrXv2K6lz-r_3Y0WPVDM3qigQj3JuhGDA_JCnvNOjXvkBk5wMBSYHKqQxU5YNY6I8jeJhtwNdPRuPtbbMfAULQTHe760_ob7VecL5Zrt87DsV6_CjKjdKjGa0QxEYXhBi6KGigM98opAf-VPqdIkeTwAC4hGE50GuPkCQ4xZgu415ftcxGMsFyMJifeQI9XiGKgPIOus7uUwiXAtPivqM5EEvb9TDddf5vA4L6lxhlEafzVrFgiVAYFbUMhzaNRaZfe4Ci0bMYnnNJpOlmX5HKBkJ22oIl5uvGwhLJKcSuQQLU337fTnQyMEVDjQCbi9-N4lAh1-Q=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
70e1cb9f3eb81131104f05be522f236b2009d6e78d6b221f7b9c85499c8079cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=aGqOoQz2tHTnfr7W8CBFUDXY3hp6UQl7UlsL-pqzdkZX40M-8hs-xsDFNpFM8AZLEpX6M9_lA7dpdbmBkPW0PJ4c95ZnouTtQvczzx5gVz4DHw569_F_kRgNneaAj5cQPte_Ip_s2piATAsQ6BjgdUFnBkyraRICdZUr4n0NLzfs38ghz_R12zPpcCwPCUdMxFRSS05b2Mo3Ed2RJBOrqZePh6lZ4S5ZuXoak2V0xL8CPwnL8g0TwIv76DcKMmKdTHwwW550xeeT_ZIljz8AyBPG4-pypsvqKyjSxSJdDtwRXOV7Z2MotDv25yuY0KFwF-lLjL_2BOQUAZuL0hrY3cDtt7N7CObRHNNNQAcbsrhYd1hrXv2K6lz-r_3Y0WPVDM3qigQj3JuhGDA_JCnvNOjXvkBk5wMBSYHKqQxU5YNY6I8jeJhtwNdPRuPtbbMfAULQTHe760_ob7VecL5Zrt87DsV6_CjKjdKjGa0QxEYXhBi6KGigM98opAf-VPqdIkeTwAC4hGE50GuPkCQ4xZgu415ftcxGMsFyMJifeQI9XiGKgPIOus7uUwiXAtPivqM5EEvb9TDddf5vA4L6lxhlEafzVrFgiVAYFbUMhzaNRaZfe4Ci0bMYnnNJpOlmX5HKBkJ22oIl5uvGwhLJKcSuQQLU337fTnQyMEVDjQCbi9-N4lAh1-Q=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053587c5f5ccf4554d76b59b0750fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f869d32691bedc58f0149c5c2f85fe4419e14d43be3e69269cb75750c07d255f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=gG-xf788bAX1DGdUgCkCzm0LWW9fxh3ZOFgIYRYR9Ze6TvkwyX27niAFSFygdqhTR4Sbe8QnHDsLR3_iN_7JBTZ1VN-CnBn8NJ3O8YpAfZ2RbtUSRUz1gH22IodHcWm7R2zvzV0gGu2CE6z0bQtRs59mQ4Pe2x-XhdUH4s74NzvaCOtxFbVe86Y5oT0sVwqTasLahMV00GS1yNNWx7mc3mDyKYw74NC3nrIY6nPNc9VqCbZIjKVqs6o0d4-G6OyRZuyWrA8rHxL8aC59g5Y3NJbr7D70LDcU_b_V1NNQdAA5UhjAT4ZI9IYIX09rGPmEa1d6yJpzTXF0ko_fMR1zZiUfZnN5MbMocq7kjNq-GIhAzYwCPP4RLK8XJGgGjxHaPjGsME49KGtPeDXZPbaithCC6lLt7ekzJzCIZDQz40nJ6xVMUsi44hsvTC_7ghdYAKQ1_GjV-KjHC-h5XNRx0j8YlXChS7n1PEB8ldA_Ge89QTjQdIeI20PI-uk769lPtobJ4aNENt3603MVMhIJcqbZT4R8vdenkeRgqE2jbQ3XXyly0BqjfuycejeunGHmnnEEWqg_XbWs3gN0gTaazuxzYN8Ip_jkBuZI_qzo-vDd4WRkYVjADJxWES42tc5r_nvt4pvaTG01EsMenUAULzySdoBsH2TDupzCXXdhAEQx8j8VEeHTmo8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a92ac95c4a4f0209fffef2a1baf061a6d91f76f38b900065afbb9b413a26daf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=gG-xf788bAX1DGdUgCkCzm0LWW9fxh3ZOFgIYRYR9Ze6TvkwyX27niAFSFygdqhTR4Sbe8QnHDsLR3_iN_7JBTZ1VN-CnBn8NJ3O8YpAfZ2RbtUSRUz1gH22IodHcWm7R2zvzV0gGu2CE6z0bQtRs59mQ4Pe2x-XhdUH4s74NzvaCOtxFbVe86Y5oT0sVwqTasLahMV00GS1yNNWx7mc3mDyKYw74NC3nrIY6nPNc9VqCbZIjKVqs6o0d4-G6OyRZuyWrA8rHxL8aC59g5Y3NJbr7D70LDcU_b_V1NNQdAA5UhjAT4ZI9IYIX09rGPmEa1d6yJpzTXF0ko_fMR1zZiUfZnN5MbMocq7kjNq-GIhAzYwCPP4RLK8XJGgGjxHaPjGsME49KGtPeDXZPbaithCC6lLt7ekzJzCIZDQz40nJ6xVMUsi44hsvTC_7ghdYAKQ1_GjV-KjHC-h5XNRx0j8YlXChS7n1PEB8ldA_Ge89QTjQdIeI20PI-uk769lPtobJ4aNENt3603MVMhIJcqbZT4R8vdenkeRgqE2jbQ3XXyly0BqjfuycejeunGHmnnEEWqg_XbWs3gN0gTaazuxzYN8Ip_jkBuZI_qzo-vDd4WRkYVjADJxWES42tc5r_nvt4pvaTG01EsMenUAULzySdoBsH2TDupzCXXdhAEQx8j8VEeHTmo8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a2acb92a19504e43ac0f657d31&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b9539ecdaf04967d765693d5092eb3c54f0a286d643c9c4715739cad76620b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:51 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=viQSYVShf7dva8aTaY639RFj0xmgKJU6GDlPQEDczpLgg97LufggV6LOBhdaF-BEW2__hn474tlXeVfxmY2tsXxDMvgsbOcoyw8Twcn0D8P0Y8QRUg0FZwE_B7Jp1qk9R-4JucBpIBWYVx-uMAoB77TOY4cjpxGvAGmYG9G2R7CoqePamncPoPAEbU43Z9BYS3fcAPzK4vutd-XNQz1GAe06U3Y65y6SDGRO6tw-Ykwi7sw47HVLrhrEqiiT4OkrzRms8S-xce8ra4KzTDKFtEN-v46AG-SxKzZ7hyhlU_TG6-7egOT7DrQEv8Tj_d29DfI3mr77TEdm0zhu0rXqVSZW3JVBCHQOFJFzOkdINvViUjEUCFw3u3Tj7oinHyuAZ2sSrfoYcskyP1BQ2xG3XNfusvzhoEBnvjmqyv0fzKwE0LNCjujHer-q2Uyw_JTCbGS0xV5q4b0YsipT4dSufcOaXef4wi5hSshfKe9M91P0ku7gEQE0vkzzv2WcWTbH2rRUM8zm7vGXvhWKBxV_jzPFpW_CGKHJ1HmrhGANB73kV53CK20vY5hypBDGSEni9t9mDSAXz1_B8c0etd6PIELpUjp3Dr32K8HuULhS6Z_Q2wRgYcBMANRJ-2jNp4qILrvBuVua6DyVgBugzBljbdqeay6dwCyDNI1FLckBWUZ93SvOF73vdY8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b3ee7d5f7aea39a8d497bdbc9d9470d21eb04ab570fc753a8f08a5f60e634220

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=viQSYVShf7dva8aTaY639RFj0xmgKJU6GDlPQEDczpLgg97LufggV6LOBhdaF-BEW2__hn474tlXeVfxmY2tsXxDMvgsbOcoyw8Twcn0D8P0Y8QRUg0FZwE_B7Jp1qk9R-4JucBpIBWYVx-uMAoB77TOY4cjpxGvAGmYG9G2R7CoqePamncPoPAEbU43Z9BYS3fcAPzK4vutd-XNQz1GAe06U3Y65y6SDGRO6tw-Ykwi7sw47HVLrhrEqiiT4OkrzRms8S-xce8ra4KzTDKFtEN-v46AG-SxKzZ7hyhlU_TG6-7egOT7DrQEv8Tj_d29DfI3mr77TEdm0zhu0rXqVSZW3JVBCHQOFJFzOkdINvViUjEUCFw3u3Tj7oinHyuAZ2sSrfoYcskyP1BQ2xG3XNfusvzhoEBnvjmqyv0fzKwE0LNCjujHer-q2Uyw_JTCbGS0xV5q4b0YsipT4dSufcOaXef4wi5hSshfKe9M91P0ku7gEQE0vkzzv2WcWTbH2rRUM8zm7vGXvhWKBxV_jzPFpW_CGKHJ1HmrhGANB73kV53CK20vY5hypBDGSEni9t9mDSAXz1_B8c0etd6PIELpUjp3Dr32K8HuULhS6Z_Q2wRgYcBMANRJ-2jNp4qILrvBuVua6DyVgBugzBljbdqeay6dwCyDNI1FLckBWUZ93SvOF73vdY8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535e46f4297b9a14a6faf452fea30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f3bee9f065e41dd649d63804d621d69e27ea8f6f432a0770c02fe6ec9ab71e38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=oZIXugW4UaLkL52i_pElYYzY0mjaGMfdhlmdWWOISf8eChyDRudM-fI56UYPeDGpx2YuMKpsaL4hl4Qqu85ap_LSwCDwbO15WJg3gvR5dBdM0VqPd_yvDDdTBklTY64yc3sAHsuYx_lRKvBYTxAfJ6lgfmrhfVCXFk3wdKWflKZLeQk_N8SbxBNplgYjfxpZLdFYzIQPUU26IrioTB3BEKM28_zaG7N-z84dPEDNIk4Rqs4BAcsqWGu76f4awXTgQOXKPRdjTLyI6cnJxKCVU2nIRI5Heqzc2GqKTpd6Ev7GcEeLe5CNwbKYfFy-h9jtRJK0ImpB2GQuSaemOD2xhzUSNEdzYw2EoyxjPQAmU16caFwiFTdmyZ--kbRDd1dxVUvJaJimVyLJ7R5-Zfx5ggM80AE9WlKoRdcCvYnFEnxI52zGvRYjBwotWzjvR2w6WzDnlDqK5eV0dlpzE4WG65yh9n1Xtditus6mYjAYA_5zZB4CReXV2PH_sL3NuoCxBXY42hUBKepMQsQXgeL7pZEYZe2_S3uK1JabmNfTblAfVVpJVnV55L7yGve0LjJd-zVpWzvtgPQ5Z04ecrJTHa6O34QD3WJViN9aYB6XoaBfYRyW-pANynNggvOM3fTdwaWRu98iMLRvsnqPtOMv1oAIVjrg7tHFgZlpHDDalL_V0pkYxtTABUs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6f05f82acd5bca532f0725e83b5cb09728d06e74600cb444395d3882f4db5bdc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=oZIXugW4UaLkL52i_pElYYzY0mjaGMfdhlmdWWOISf8eChyDRudM-fI56UYPeDGpx2YuMKpsaL4hl4Qqu85ap_LSwCDwbO15WJg3gvR5dBdM0VqPd_yvDDdTBklTY64yc3sAHsuYx_lRKvBYTxAfJ6lgfmrhfVCXFk3wdKWflKZLeQk_N8SbxBNplgYjfxpZLdFYzIQPUU26IrioTB3BEKM28_zaG7N-z84dPEDNIk4Rqs4BAcsqWGu76f4awXTgQOXKPRdjTLyI6cnJxKCVU2nIRI5Heqzc2GqKTpd6Ev7GcEeLe5CNwbKYfFy-h9jtRJK0ImpB2GQuSaemOD2xhzUSNEdzYw2EoyxjPQAmU16caFwiFTdmyZ--kbRDd1dxVUvJaJimVyLJ7R5-Zfx5ggM80AE9WlKoRdcCvYnFEnxI52zGvRYjBwotWzjvR2w6WzDnlDqK5eV0dlpzE4WG65yh9n1Xtditus6mYjAYA_5zZB4CReXV2PH_sL3NuoCxBXY42hUBKepMQsQXgeL7pZEYZe2_S3uK1JabmNfTblAfVVpJVnV55L7yGve0LjJd-zVpWzvtgPQ5Z04ecrJTHa6O34QD3WJViN9aYB6XoaBfYRyW-pANynNggvOM3fTdwaWRu98iMLRvsnqPtOMv1oAIVjrg7tHFgZlpHDDalL_V0pkYxtTABUs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353160019cfb36474ba8d61615b7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3704ccda524c2d9cffdb4108f34b55f0b047116275734f0aaf4bfa1edbe1696d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=xXMmJixXf7JEDCniwgMoIv7i7KnKi1HblpWeC6m5ZdleAaS06dJjonomUmNK7uZrWnoEyLbRXZk6Kcg9VPZnz9hI4T0EVyv3QLWtIMqxJmqLW1E_9ATEqNu1AKrqcDzFZF3jDiOyFUOBnByPYtJ121SVkoJaG8nv6pIorzW8F3RITq2GpstNRVB_l0FNKst5HyrACabea8iKWMjTrMINXRI4ckhHQdQuklzTjudnqGv6xaY3Vruf75hvrTpCmUcd8m5VgdmU_eYwTzVKNWkV3uylV9C_GmO_Hbd0kB0kyB4HIqvLUwbo9pyCvLByYOXgwFXLPNOcG62A_rgzIu0GNZRnAT7Dh3Gr2ExZrGN329U-Dznjfg3gZPtH49QGfalLNIwC9-diAxCAFXma3q2mpTbP2yv7rfY6eoE-7Y40F02rYea25EANrPc8xQjKyqzH87YiIy80-IL5hZCAZG7u06hOP3QRbgdaimYZ6sJ9Pj9Mq28_x58JRTj9tZyF_w5XGBJ7E5Eq2OMLp2KLWhoBqSng9SM7RMtm89j2K0zJwANUkxuraNkVYnGwaospQVBmOcCUBOFMxizCePBa0KPTj5mBYmNffTYENpaV7qkYuYjULQIidbyiAFELclbwu9_fn0Y5ohsjXs_tTcYXpoiGQV7BARPBSAi6P3ZKOJ8G8i9Q0LTRN8_pmqg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e37fe9619e463c3cd7c1f6304f29d4a861a8f9b569fc4be8adf4e16f5a2e0b7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=xXMmJixXf7JEDCniwgMoIv7i7KnKi1HblpWeC6m5ZdleAaS06dJjonomUmNK7uZrWnoEyLbRXZk6Kcg9VPZnz9hI4T0EVyv3QLWtIMqxJmqLW1E_9ATEqNu1AKrqcDzFZF3jDiOyFUOBnByPYtJ121SVkoJaG8nv6pIorzW8F3RITq2GpstNRVB_l0FNKst5HyrACabea8iKWMjTrMINXRI4ckhHQdQuklzTjudnqGv6xaY3Vruf75hvrTpCmUcd8m5VgdmU_eYwTzVKNWkV3uylV9C_GmO_Hbd0kB0kyB4HIqvLUwbo9pyCvLByYOXgwFXLPNOcG62A_rgzIu0GNZRnAT7Dh3Gr2ExZrGN329U-Dznjfg3gZPtH49QGfalLNIwC9-diAxCAFXma3q2mpTbP2yv7rfY6eoE-7Y40F02rYea25EANrPc8xQjKyqzH87YiIy80-IL5hZCAZG7u06hOP3QRbgdaimYZ6sJ9Pj9Mq28_x58JRTj9tZyF_w5XGBJ7E5Eq2OMLp2KLWhoBqSng9SM7RMtm89j2K0zJwANUkxuraNkVYnGwaospQVBmOcCUBOFMxizCePBa0KPTj5mBYmNffTYENpaV7qkYuYjULQIidbyiAFELclbwu9_fn0Y5ohsjXs_tTcYXpoiGQV7BARPBSAi6P3ZKOJ8G8i9Q0LTRN8_pmqg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535d53c3865531648e2b06815d6b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b98ace350a3ec1618e8fe8268b96e6e84390beec0cc62a2315bd4c986f250929

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=1aySws-KrHlxAwlNhl3o0Ta1oMzPiLslBaLonxgNagaY3Ua4KquwlVFVJ4YeolL1U_zdOC2RwrH4NyY0wxEJ0RcqSi1GUW5Qab16efJttaResdLIhBrZPSS4K5NAhn9oK3gd_lXvbHNMkkntWdrLunKhzKEUpsU3z4lW1chZhtT3m-wlSK1Rq3tXtQtRWbJTBT9KGXN5GTCFZwtjWH3oMgAFimToDS30MnmTq8K7XNbeNGMKnH5uWy2f8oic3lEwDtRwG2Sart3zJCizu_ASdLuiIWw2IdF2q8iQN8Cz50dDWa-Oe2IjsEkhOlfRu4c2K21htvbpHCZcF-sdQdnA9Kpe0hSzMzUOUToNgOLRNz4lrJVDc1MgtJBsOVX1vrjcdGyAv4j3jgU5n6rB0yYPJ-VOjegojeTS_dZ-1xzPSH_R2VaTnXIB9gODUkXC28egSjSIGUw0frurp6JmKIa95xbZxM1TE3D9eAcIEfRtumAz2IbLAVZ-ZYjM87PIf3UiwS04rB01wutvVXkSHMNV4GC53dinNDjFLhafX49PN0y4fOtBFwk8UtgIn8wmgmSlMlAdKEj7aai2VQs5ER2w86DIZgZ8EQ1H_DjQeYyRmjZeeajJ2zK__7i8BBRuZi7tOmBGCTzD18D9kz5sIAosINmp1qgyEIDklNf94bdmw0iC1FbglYeixXQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cc8b865f1003f7c4d54559c2ccb498cafb4b9785a7664ea9644254a35b548f41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=1aySws-KrHlxAwlNhl3o0Ta1oMzPiLslBaLonxgNagaY3Ua4KquwlVFVJ4YeolL1U_zdOC2RwrH4NyY0wxEJ0RcqSi1GUW5Qab16efJttaResdLIhBrZPSS4K5NAhn9oK3gd_lXvbHNMkkntWdrLunKhzKEUpsU3z4lW1chZhtT3m-wlSK1Rq3tXtQtRWbJTBT9KGXN5GTCFZwtjWH3oMgAFimToDS30MnmTq8K7XNbeNGMKnH5uWy2f8oic3lEwDtRwG2Sart3zJCizu_ASdLuiIWw2IdF2q8iQN8Cz50dDWa-Oe2IjsEkhOlfRu4c2K21htvbpHCZcF-sdQdnA9Kpe0hSzMzUOUToNgOLRNz4lrJVDc1MgtJBsOVX1vrjcdGyAv4j3jgU5n6rB0yYPJ-VOjegojeTS_dZ-1xzPSH_R2VaTnXIB9gODUkXC28egSjSIGUw0frurp6JmKIa95xbZxM1TE3D9eAcIEfRtumAz2IbLAVZ-ZYjM87PIf3UiwS04rB01wutvVXkSHMNV4GC53dinNDjFLhafX49PN0y4fOtBFwk8UtgIn8wmgmSlMlAdKEj7aai2VQs5ER2w86DIZgZ8EQ1H_DjQeYyRmjZeeajJ2zK__7i8BBRuZi7tOmBGCTzD18D9kz5sIAosINmp1qgyEIDklNf94bdmw0iC1FbglYeixXQ=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053560c15ddc681c491286dff7032b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
16c5f37531e2491c89cc8d2b4f11760d7436d35fdae4b65fbedf1d207f052b91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=3drQm42VhuCxhmspGaez5liI66jnXdna4OfzV7ZFaTbwp8uHB5ST3-syx44adXvUPS6uEaxdsGJPcw4xorqu570EAnLGhYqAlw4wy0MWYtDDVxMhymGr1MXM6lAMmTKUi_NS2r8nB1RYm1l3EIcJO_ocP8qi8pmBt3PGuvMgTS-isjqjIPPUi0awcD7jl-AGAmlHtUanqtFb8-qdaObfLcbfWTzEcAKe3OdBh6kEtfYcEUfP-QoJrgB9bdFJt-kDf7Na7FGiU0K09AI2BpmQOkD3yAVgJzLFHhmbB3CFeLavxwMpY4z5lyscNxx9qUt14r-nQbLrybFZNltAOJjViB4F2Q538BcpzW7x1aoNK2ZPOq8hjWLAJpvg7M041lC0SD9C0qfySYcrJOCgtQ-Lg8sGSGIu6rW4hzIL4IaII0rKlozbAK3MXTq9mwdGQqTQ6b0-Xmv0WOklgYrphmnkYgvPTF6MFHhssV9X6NyYDxyZEqMAdU7D7KK1_ZB9rBUZ47XTpRFO8Cd86AAjrlF0ZtPTKaoOCB4g0PKOPv8NeGuq5I_GVdurnsG2fZAf93RECEiX4xooYOZEh7MuURENZlsQV45r6BEtcdVRnGY3Pa-3IjFtP4_4N0vLYjmy_vZClxUimPOV9i2qn9L7wK3Z72wAfRS64Zlu6MsZRO5S9GxPx4SwCUPc3IM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d3d2297bc9eefd47d33be2db20e8ad326ada7320aaffed81041b8494283ecd50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=3drQm42VhuCxhmspGaez5liI66jnXdna4OfzV7ZFaTbwp8uHB5ST3-syx44adXvUPS6uEaxdsGJPcw4xorqu570EAnLGhYqAlw4wy0MWYtDDVxMhymGr1MXM6lAMmTKUi_NS2r8nB1RYm1l3EIcJO_ocP8qi8pmBt3PGuvMgTS-isjqjIPPUi0awcD7jl-AGAmlHtUanqtFb8-qdaObfLcbfWTzEcAKe3OdBh6kEtfYcEUfP-QoJrgB9bdFJt-kDf7Na7FGiU0K09AI2BpmQOkD3yAVgJzLFHhmbB3CFeLavxwMpY4z5lyscNxx9qUt14r-nQbLrybFZNltAOJjViB4F2Q538BcpzW7x1aoNK2ZPOq8hjWLAJpvg7M041lC0SD9C0qfySYcrJOCgtQ-Lg8sGSGIu6rW4hzIL4IaII0rKlozbAK3MXTq9mwdGQqTQ6b0-Xmv0WOklgYrphmnkYgvPTF6MFHhssV9X6NyYDxyZEqMAdU7D7KK1_ZB9rBUZ47XTpRFO8Cd86AAjrlF0ZtPTKaoOCB4g0PKOPv8NeGuq5I_GVdurnsG2fZAf93RECEiX4xooYOZEh7MuURENZlsQV45r6BEtcdVRnGY3Pa-3IjFtP4_4N0vLYjmy_vZClxUimPOV9i2qn9L7wK3Z72wAfRS64Zlu6MsZRO5S9GxPx4SwCUPc3IM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053562e88b7913c64049bf16285f75&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b52fac955c5e901d2665d7d0a976659cebebf862005caf4f4926cd93affb2fbc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=3ewwB_anmb-m4Dh02GrdsZrucF_5zqo3BXigFhYu3MZIKhLJ2pJm6AOWEfVO-KZJhzsUpBzDJlBFQzEh0FAZcMuG83e7CnXh_fVyCZbKAPGHxCt493aLpmwRG_kWEi8eCt9VTlPFWxjPczc3qGj1G1XvaCeI53kcfF45e8T-4qFhNvbJ7aitAqW0Hx3-9rzbAQ0Z_rRhru62wbCUx2X35ETpV4hDeZp4xWPPkJ7Ua0tNlwVKV1ykqpq4-JJAzfBxtbEIoY9fkGdtEAOJv0w4Vg0DT7KpwmVAb8vgiV8MbpOTfMY1Kx36tGLe0VuXKuGxIn0r125GyFq9po6YI6Qc-QziyB0Swz2leQib7X5O6klkW_EixCy6cD_cWMfuyOdHHp_9i_rhm8ERisuf04YGHDWLODoHrquVO3mx_krW7YW0yJ6EQKv0jq1xD6FriD-LQ_BQu8nbPNagXcABnwPns_o3_8y8goGMVCIjI5_Is81BNLOpST7SnOKpeY0fCvY02Gw2fu58zAf-wz9PiFs72cs_m2q3qpiWL3Gdgn5Mz007GTV72PblEUTbViRPfoNjafwmhuuoaydiFdnRv0lw_S2YEk4Pf5LY0H9MikrpibPjE7i6sMqM8XVMMQio0cTtN5Fzv_mjZtHW7Ei6Q-eYzFY5inwIy_EXyVMuwyQcGnwOWv-jMm7pjeY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
365858eced0edb2e45d7346997d4c146d32d024bf42778879cee370c2cb9500c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=3ewwB_anmb-m4Dh02GrdsZrucF_5zqo3BXigFhYu3MZIKhLJ2pJm6AOWEfVO-KZJhzsUpBzDJlBFQzEh0FAZcMuG83e7CnXh_fVyCZbKAPGHxCt493aLpmwRG_kWEi8eCt9VTlPFWxjPczc3qGj1G1XvaCeI53kcfF45e8T-4qFhNvbJ7aitAqW0Hx3-9rzbAQ0Z_rRhru62wbCUx2X35ETpV4hDeZp4xWPPkJ7Ua0tNlwVKV1ykqpq4-JJAzfBxtbEIoY9fkGdtEAOJv0w4Vg0DT7KpwmVAb8vgiV8MbpOTfMY1Kx36tGLe0VuXKuGxIn0r125GyFq9po6YI6Qc-QziyB0Swz2leQib7X5O6klkW_EixCy6cD_cWMfuyOdHHp_9i_rhm8ERisuf04YGHDWLODoHrquVO3mx_krW7YW0yJ6EQKv0jq1xD6FriD-LQ_BQu8nbPNagXcABnwPns_o3_8y8goGMVCIjI5_Is81BNLOpST7SnOKpeY0fCvY02Gw2fu58zAf-wz9PiFs72cs_m2q3qpiWL3Gdgn5Mz007GTV72PblEUTbViRPfoNjafwmhuuoaydiFdnRv0lw_S2YEk4Pf5LY0H9MikrpibPjE7i6sMqM8XVMMQio0cTtN5Fzv_mjZtHW7Ei6Q-eYzFY5inwIy_EXyVMuwyQcGnwOWv-jMm7pjeY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605353fe1c0d09fe84b45966eb9a9e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8d4cd764a40094a85053778a5086aae8d3a4b90ee18866327e87dc3ea15e91e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=yTwdb8t4iJtZjG5x-onLwk56qG-OzQ4WbXYD2_8Vr4ov_UT1gb-4C43WyCFskx2q5J-cPxXzJsD-k5qL808s0MO8iThAuks9A91l8_fJI5D750oZwkkZNb-6Jf1a0WUknBVIcZWj3XXHjaxfJLrCrnVNDCguTPh677Gv7y3qov5tBTok07nOkMla0VAciXdHjzSWhmOCdwpwIgmrwqkuDVdrRNaP4BvbMFLWAL9JNS_3lIBeWV-hgmbQJrIfnYWOIWBV-27XC2TekglUibGQU3f6aI8QRlNiqEPe8bVFz4o-hcMZGbfi5g8mljDzXvr5_HWw8KIkAVKnt66NKiuW1g-3r80eHly49mpfDnadwctA6lC0XS4fMhJ_ozEIG72nAwmla_wmNkjPF5AeODvC1d5n2EMgJo1xToUoj9ZncCUSthkfw_Tjf2YGPqKr9AKa0eMqGu0xF2uElB_OPQwHKRikKlGSI-b5137AWlH4dB6CuSsxbe5Q0D4Sk56mcJzAWc9H_LqKszHWtqCTeg-HHjGOCR4DNAHaupGOB9vxb53hKeXo2tyx7h2tvvQz9MMOABSugSfLjX-KisebKxnHwGQW3bLCt1a96RKo4w4omtMA2hPG7WKyMkxUkzU41O7WJsn88rdZ02f--MS2d0YLNXHiYjREr-RYcxrpIXGQZFumPbE8HdwmdZk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
70e92b5febad3e23c2a8b65ce47e2f5243a179accb3a1040e4f891907d34271b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=yTwdb8t4iJtZjG5x-onLwk56qG-OzQ4WbXYD2_8Vr4ov_UT1gb-4C43WyCFskx2q5J-cPxXzJsD-k5qL808s0MO8iThAuks9A91l8_fJI5D750oZwkkZNb-6Jf1a0WUknBVIcZWj3XXHjaxfJLrCrnVNDCguTPh677Gv7y3qov5tBTok07nOkMla0VAciXdHjzSWhmOCdwpwIgmrwqkuDVdrRNaP4BvbMFLWAL9JNS_3lIBeWV-hgmbQJrIfnYWOIWBV-27XC2TekglUibGQU3f6aI8QRlNiqEPe8bVFz4o-hcMZGbfi5g8mljDzXvr5_HWw8KIkAVKnt66NKiuW1g-3r80eHly49mpfDnadwctA6lC0XS4fMhJ_ozEIG72nAwmla_wmNkjPF5AeODvC1d5n2EMgJo1xToUoj9ZncCUSthkfw_Tjf2YGPqKr9AKa0eMqGu0xF2uElB_OPQwHKRikKlGSI-b5137AWlH4dB6CuSsxbe5Q0D4Sk56mcJzAWc9H_LqKszHWtqCTeg-HHjGOCR4DNAHaupGOB9vxb53hKeXo2tyx7h2tvvQz9MMOABSugSfLjX-KisebKxnHwGQW3bLCt1a96RKo4w4omtMA2hPG7WKyMkxUkzU41O7WJsn88rdZ02f--MS2d0YLNXHiYjREr-RYcxrpIXGQZFumPbE8HdwmdZk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=yTwdb8t4iJtZjG5x-onLwk56qG-OzQ4WbXYD2_8Vr4ov_UT1gb-4C43WyCFskx2q5J-cPxXzJsD-k5qL808s0MO8iThAuks9A91l8_fJI5D750oZwkkZNb-6Jf1a0WUknBVIcZWj3XXHjaxfJLrCrnVNDCguTPh677Gv7y3qov5tBTok07nOkMla0VAciXdHjzSWhmOCdwpwIgmrwqkuDVdrRNaP4BvbMFLWAL9JNS_3lIBeWV-hgmbQJrIfnYWOIWBV-27XC2TekglUibGQU3f6aI8QRlNiqEPe8bVFz4o-hcMZGbfi5g8mljDzXvr5_HWw8KIkAVKnt66NKiuW1g-3r80eHly49mpfDnadwctA6lC0XS4fMhJ_ozEIG72nAwmla_wmNkjPF5AeODvC1d5n2EMgJo1xToUoj9ZncCUSthkfw_Tjf2YGPqKr9AKa0eMqGu0xF2uElB_OPQwHKRikKlGSI-b5137AWlH4dB6CuSsxbe5Q0D4Sk56mcJzAWc9H_LqKszHWtqCTeg-HHjGOCR4DNAHaupGOB9vxb53hKeXo2tyx7h2tvvQz9MMOABSugSfLjX-KisebKxnHwGQW3bLCt1a96RKo4w4omtMA2hPG7WKyMkxUkzU41O7WJsn88rdZ02f--MS2d0YLNXHiYjREr-RYcxrpIXGQZFumPbE8HdwmdZk=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=yTwdb8t4iJtZjG5x-onLwk56qG-OzQ4WbXYD2_8Vr4ov_UT1gb-4C43WyCFskx2q5J-cPxXzJsD-k5qL808s0MO8iThAuks9A91l8_fJI5D750oZwkkZNb-6Jf1a0WUknBVIcZWj3XXHjaxfJLrCrnVNDCguTPh677Gv7y3qov5tBTok07nOkMla0VAciXdHjzSWhmOCdwpwIgmrwqkuDVdrRNaP4BvbMFLWAL9JNS_3lIBeWV-hgmbQJrIfnYWOIWBV-27XC2TekglUibGQU3f6aI8QRlNiqEPe8bVFz4o-hcMZGbfi5g8mljDzXvr5_HWw8KIkAVKnt66NKiuW1g-3r80eHly49mpfDnadwctA6lC0XS4fMhJ_ozEIG72nAwmla_wmNkjPF5AeODvC1d5n2EMgJo1xToUoj9ZncCUSthkfw_Tjf2YGPqKr9AKa0eMqGu0xF2uElB_OPQwHKRikKlGSI-b5137AWlH4dB6CuSsxbe5Q0D4Sk56mcJzAWc9H_LqKszHWtqCTeg-HHjGOCR4DNAHaupGOB9vxb53hKeXo2tyx7h2tvvQz9MMOABSugSfLjX-KisebKxnHwGQW3bLCt1a96RKo4w4omtMA2hPG7WKyMkxUkzU41O7WJsn88rdZ02f--MS2d0YLNXHiYjREr-RYcxrpIXGQZFumPbE8HdwmdZk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605355aef2368dae14bd59436c0b75a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2ad00cc21e908286c37f9c93f6e2ca5997ffe521763ac4fa0b314b4b5773b543

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=ygw7iTDR2cW0utoMmlZOL1vhy-hJPvZoUFYcgkDizDs5cqhhPuPy0Sxb-OesBG6fGz5wpfeXvAfJm2dwvtoGLlkYIEgA6ExcLYldAZ_xq-kO0iR4Xpv_6_ppr5H__SgQEBNMABnqC5GNNAGAWPbmBLe1SHwCdw0jEFIrccyOas8-Ci7lkMMLv2bi_CHlZJ_GXz5qIJPP9McuKwhurg3zZFp-C0PPu0-uVhd6AsOCDM_VlUpzoP7p219hBfoPY0P8cjSkRutfjtSTxjspk-i8FfM9UqEKvm4xqKkkfOswmRtK14Jm2na6ZLZYuqBrkcrY5RNZS14DNS2QVS6E3L7PaxJx3gPZ_nGIjmDClatZVWo9edXLQ4c6Pqt_CKNi9J0mb4ud2y3zpOKOnolhqvadti36NkobZhZ9SUOG4eQdW1p3fZu55KIG-sI3iVrjQBAkg6X7dLkw0atZBq6cWn5NMIAPklxL8d1yrUgwnjcsnmWQGdEeBz2NEk3mzw-1PaxdQtxw1wbJkhOtuD6SIzuLjTAXnUUKrn-LLKq2g7ldGzpcae0OEBLzijG0sKbweO6OJ8NiZalzPky20hWmzwgug4R9RsnozG4HVFYUdxIQvzWfpaOhlqnapsiqPyahTo1ipLP6bqToVFy2t41qtNYJUhhgcdJGRiI4D5MydH0W5BAJUaRF3Co5qPE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
dc6d1e3672a27e6cb59033f52c3df3f7b868a8b33289459c71980c14fcfa2eb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=ygw7iTDR2cW0utoMmlZOL1vhy-hJPvZoUFYcgkDizDs5cqhhPuPy0Sxb-OesBG6fGz5wpfeXvAfJm2dwvtoGLlkYIEgA6ExcLYldAZ_xq-kO0iR4Xpv_6_ppr5H__SgQEBNMABnqC5GNNAGAWPbmBLe1SHwCdw0jEFIrccyOas8-Ci7lkMMLv2bi_CHlZJ_GXz5qIJPP9McuKwhurg3zZFp-C0PPu0-uVhd6AsOCDM_VlUpzoP7p219hBfoPY0P8cjSkRutfjtSTxjspk-i8FfM9UqEKvm4xqKkkfOswmRtK14Jm2na6ZLZYuqBrkcrY5RNZS14DNS2QVS6E3L7PaxJx3gPZ_nGIjmDClatZVWo9edXLQ4c6Pqt_CKNi9J0mb4ud2y3zpOKOnolhqvadti36NkobZhZ9SUOG4eQdW1p3fZu55KIG-sI3iVrjQBAkg6X7dLkw0atZBq6cWn5NMIAPklxL8d1yrUgwnjcsnmWQGdEeBz2NEk3mzw-1PaxdQtxw1wbJkhOtuD6SIzuLjTAXnUUKrn-LLKq2g7ldGzpcae0OEBLzijG0sKbweO6OJ8NiZalzPky20hWmzwgug4R9RsnozG4HVFYUdxIQvzWfpaOhlqnapsiqPyahTo1ipLP6bqToVFy2t41qtNYJUhhgcdJGRiI4D5MydH0W5BAJUaRF3Co5qPE=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053593961d4b1ee2405b8ddca11b30&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
26a7cbd2e5632bfa56cf01c5f91c548288b8ce48dc6356790b587f30f460ea06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:53 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=8hYQokNm3uD4yumcL5cberPt8OyV4w9UD1wb9XMoLDsKdttL_PFxQmzdOZF9p48-wZ60_K_PyBV8CMNC7HyhjT1QsqrvxQpjLs1DBxQJ2Czrkyc9BS-tcnfGGq3F2Z8J_ibI9F2Bl7qhu5q-1c5jJpEgw8-fKav1kMq2fxvW_NPzhGiH-fJaUWmVUcaYEo-A9cgVzgcnilBGmJ2ThL6HrF7jhSszE_XMdazuoo7u0n82tiwbYsKo18bO-8tQLbRSfBCO7D_zHQrq15AHcLCoCCfTUSKfQWc9JtkHtY5rvqR3J_BATQgjJjFMwN-hh44SKCQNJTjg0nxd1j2l2gZB7nJ7sq5bPvAr2CLZs6p51kX4UbKFnUHqhp5LpHkhw0aPBFXaRTXwbwWl6Ho-LLeKQVk-mSdPYeAFdAfR36bNmu6F57bZ3f0X0I2uNZHTxwqVfXyGQKlh0uZktTvt7r-WZ969qRq1iEYF_KHgIs8lPRgowkgMsCXUJsHp73EanxQxyhNmiXZXZBrXrwazjbWrMgDCqnC5c8FgYHrmA9wEVpenqRqLz5rdhOjWXrqECUYDUD3M5KhL63Kk32ikw9Pq6KDnjjW99oHCn1RPf7WD2_kx-nOM191MmKxKPrEQKgBlwEVYB7acR-KFPdx-Mufm8WMulQ9a05j9aJFKlQlZMc-IxFTQz_Cku_0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bfc5fec3375e753875784878f861e2d8412ef50f1d406163f8a8fb872d6d4e76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c086467de26845239ca3bf0fe3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=8hYQokNm3uD4yumcL5cberPt8OyV4w9UD1wb9XMoLDsKdttL_PFxQmzdOZF9p48-wZ60_K_PyBV8CMNC7HyhjT1QsqrvxQpjLs1DBxQJ2Czrkyc9BS-tcnfGGq3F2Z8J_ibI9F2Bl7qhu5q-1c5jJpEgw8-fKav1kMq2fxvW_NPzhGiH-fJaUWmVUcaYEo-A9cgVzgcnilBGmJ2ThL6HrF7jhSszE_XMdazuoo7u0n82tiwbYsKo18bO-8tQLbRSfBCO7D_zHQrq15AHcLCoCCfTUSKfQWc9JtkHtY5rvqR3J_BATQgjJjFMwN-hh44SKCQNJTjg0nxd1j2l2gZB7nJ7sq5bPvAr2CLZs6p51kX4UbKFnUHqhp5LpHkhw0aPBFXaRTXwbwWl6Ho-LLeKQVk-mSdPYeAFdAfR36bNmu6F57bZ3f0X0I2uNZHTxwqVfXyGQKlh0uZktTvt7r-WZ969qRq1iEYF_KHgIs8lPRgowkgMsCXUJsHp73EanxQxyhNmiXZXZBrXrwazjbWrMgDCqnC5c8FgYHrmA9wEVpenqRqLz5rdhOjWXrqECUYDUD3M5KhL63Kk32ikw9Pq6KDnjjW99oHCn1RPf7WD2_kx-nOM191MmKxKPrEQKgBlwEVYB7acR-KFPdx-Mufm8WMulQ9a05j9aJFKlQlZMc-IxFTQz_Cku_0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:54 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:54 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c086467de26845239ca3bf0fe3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:54 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:54 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535c086467de26845239ca3bf0fe3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:54 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2994cf02bba9081e6832a97b0bd1c02db638b87829dc2e31e684e081c1e66c57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:54 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=23eae84e478addb2c7c9b59b2582eb6f1637066154&psp=UADMq21ho1G80QJqlVO-r0kSO75f8IbVr7oNpVk7sv1jnSa8VpeFXpxQ5ZSd2CTNy1rfmJWSDtsOwNvHvUzK-xamZO7u0VGwoTjQirp2P-_hXo5Ngdwf_DREXuSMGLEn77xMKeRGTvUlNDbt1IBD2ZMt0Te6PU6p0aLXC_tH7IfV_e3aluJpgjIbgiJjerzVQDepiCYPV9dei7lsudRuEFk4wOkXRf0YtrJFpUgUx0lZxAaOxQxsO98kewFeSn5SeM1v7VRgXrncWNvEUfeGobeQzSK-zGd8CmOmfboF11g0ueSwn4XhwW3XWohLD_IMgxTGhjDEYyj2onMtEPR7GIF_MnGpUSS604LmQLEAAw_5bJNXUZX5bi6cOYDX-JAHdkrerDiX95_1YV40jy370DEPjVtuQVfsiV_xsJBvKAHzpbL-c9KY0X0K1hmj6K7Q3S24E6_YAlfHaX0zhTEZmdlEQWNyyQUHPP-aNlX0Ltb4-snykFrgP0sUpf56RFunrKAgR09fVwkX46AiaLc4wJInDwlq5rN0i2KSl2OMk2hxIZxZFbZJDAz6I1JKioP-i-NqGshJYJUX-rXH0nuxbA3x05HRznDHyAo2ZwHKp0hzS2zWnzrP4WGKaVdgCFrwdRhcNLTz9fwQsHpuBy7HrfccCmaIOSVchckPLSCM9a2YpUaGvMU3Hms=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e99de22623604f65f201a448414b1a05e14181d75d4ee0df0468d9f803984766

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=23eae84e478addb2c7c9b59b2582eb6f1637066154&psp=UADMq21ho1G80QJqlVO-r0kSO75f8IbVr7oNpVk7sv1jnSa8VpeFXpxQ5ZSd2CTNy1rfmJWSDtsOwNvHvUzK-xamZO7u0VGwoTjQirp2P-_hXo5Ngdwf_DREXuSMGLEn77xMKeRGTvUlNDbt1IBD2ZMt0Te6PU6p0aLXC_tH7IfV_e3aluJpgjIbgiJjerzVQDepiCYPV9dei7lsudRuEFk4wOkXRf0YtrJFpUgUx0lZxAaOxQxsO98kewFeSn5SeM1v7VRgXrncWNvEUfeGobeQzSK-zGd8CmOmfboF11g0ueSwn4XhwW3XWohLD_IMgxTGhjDEYyj2onMtEPR7GIF_MnGpUSS604LmQLEAAw_5bJNXUZX5bi6cOYDX-JAHdkrerDiX95_1YV40jy370DEPjVtuQVfsiV_xsJBvKAHzpbL-c9KY0X0K1hmj6K7Q3S24E6_YAlfHaX0zhTEZmdlEQWNyyQUHPP-aNlX0Ltb4-snykFrgP0sUpf56RFunrKAgR09fVwkX46AiaLc4wJInDwlq5rN0i2KSl2OMk2hxIZxZFbZJDAz6I1JKioP-i-NqGshJYJUX-rXH0nuxbA3x05HRznDHyAo2ZwHKp0hzS2zWnzrP4WGKaVdgCFrwdRhcNLTz9fwQsHpuBy7HrfccCmaIOSVchckPLSCM9a2YpUaGvMU3Hms=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=23eae84e478addb2c7c9b59b2582eb6f1637066154&psp=UADMq21ho1G80QJqlVO-r0kSO75f8IbVr7oNpVk7sv1jnSa8VpeFXpxQ5ZSd2CTNy1rfmJWSDtsOwNvHvUzK-xamZO7u0VGwoTjQirp2P-_hXo5Ngdwf_DREXuSMGLEn77xMKeRGTvUlNDbt1IBD2ZMt0Te6PU6p0aLXC_tH7IfV_e3aluJpgjIbgiJjerzVQDepiCYPV9dei7lsudRuEFk4wOkXRf0YtrJFpUgUx0lZxAaOxQxsO98kewFeSn5SeM1v7VRgXrncWNvEUfeGobeQzSK-zGd8CmOmfboF11g0ueSwn4XhwW3XWohLD_IMgxTGhjDEYyj2onMtEPR7GIF_MnGpUSS604LmQLEAAw_5bJNXUZX5bi6cOYDX-JAHdkrerDiX95_1YV40jy370DEPjVtuQVfsiV_xsJBvKAHzpbL-c9KY0X0K1hmj6K7Q3S24E6_YAlfHaX0zhTEZmdlEQWNyyQUHPP-aNlX0Ltb4-snykFrgP0sUpf56RFunrKAgR09fVwkX46AiaLc4wJInDwlq5rN0i2KSl2OMk2hxIZxZFbZJDAz6I1JKioP-i-NqGshJYJUX-rXH0nuxbA3x05HRznDHyAo2ZwHKp0hzS2zWnzrP4WGKaVdgCFrwdRhcNLTz9fwQsHpuBy7HrfccCmaIOSVchckPLSCM9a2YpUaGvMU3Hms=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=23eae84e478addb2c7c9b59b2582eb6f1637066154&psp=UADMq21ho1G80QJqlVO-r0kSO75f8IbVr7oNpVk7sv1jnSa8VpeFXpxQ5ZSd2CTNy1rfmJWSDtsOwNvHvUzK-xamZO7u0VGwoTjQirp2P-_hXo5Ngdwf_DREXuSMGLEn77xMKeRGTvUlNDbt1IBD2ZMt0Te6PU6p0aLXC_tH7IfV_e3aluJpgjIbgiJjerzVQDepiCYPV9dei7lsudRuEFk4wOkXRf0YtrJFpUgUx0lZxAaOxQxsO98kewFeSn5SeM1v7VRgXrncWNvEUfeGobeQzSK-zGd8CmOmfboF11g0ueSwn4XhwW3XWohLD_IMgxTGhjDEYyj2onMtEPR7GIF_MnGpUSS604LmQLEAAw_5bJNXUZX5bi6cOYDX-JAHdkrerDiX95_1YV40jy370DEPjVtuQVfsiV_xsJBvKAHzpbL-c9KY0X0K1hmj6K7Q3S24E6_YAlfHaX0zhTEZmdlEQWNyyQUHPP-aNlX0Ltb4-snykFrgP0sUpf56RFunrKAgR09fVwkX46AiaLc4wJInDwlq5rN0i2KSl2OMk2hxIZxZFbZJDAz6I1JKioP-i-NqGshJYJUX-rXH0nuxbA3x05HRznDHyAo2ZwHKp0hzS2zWnzrP4WGKaVdgCFrwdRhcNLTz9fwQsHpuBy7HrfccCmaIOSVchckPLSCM9a2YpUaGvMU3Hms=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605352589bb90239d4a8ba9f417237d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
191fead7228e8f182b7e6add0d5034e7646a8b2dc96de3f6c94bb3589d56e3ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=s4roO5v5OFwms73Ea7UOGPB4d3nN4Se5OyPcgC1--FPltoI5peZxXURKV2iUyKVqsPuZYku_hqJmdd8YX6NUUE0AWyBMxf3-SSPNRHYcTbbm-G2YVyOHihmlU96HzHy2bKhcBw43Je5Y5oOgGffBWV4xNXGSSUNI3MqZ8v2fRmRof6vsQfSZWxBBVYWa58NnCX0yH5qJt5_s4tmDxAYI3s_a8ojw5Uw03Sr6Xttnf9NRw-JdrsnUMVh4z8mUSHSiTUcwng7VGJnqq4TN92BQN9cVzazvsiNrdiSPPlg8aBLn7wdgpoLmYY4z9vEdXIXjiXUJLBtedcqflPYluXdabxPTbDX2aWxYtsYP5NupbgGSoUmbm0l5NU-deWt2_GXji3UoeyCbEKZVmFPl7g0Hgx-VWH55VKBkSAwY1tcfBjHOz2Xl2crd4kHWQP-tJ2y4P2sdnM8pZKzrZ45YDCAfo1hGyDQSClr0yXH_W5TfwKHpuTgwfHrNawjidmMeAzh3wBHmtn7P4_-kdjeT5Op32f4coeeXbfMm-FeYxTlUVEUOX9BihCXSvhXW0QoQRCOoUf9m9TsAUT_Uxr0DkjUptxc4cIrjOkO_xslxJHYELVOjjdLGUmv5ivkVoYpZcyicOEZr98LC4a4oqWtOpVLQO3KGUFGGSza_uBE3JrcYrtuRNAt3fldWqCU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e50b6f4228c76bd877afc2383c4b39ba44b5df751eda3494beeaade57e08da26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=s4roO5v5OFwms73Ea7UOGPB4d3nN4Se5OyPcgC1--FPltoI5peZxXURKV2iUyKVqsPuZYku_hqJmdd8YX6NUUE0AWyBMxf3-SSPNRHYcTbbm-G2YVyOHihmlU96HzHy2bKhcBw43Je5Y5oOgGffBWV4xNXGSSUNI3MqZ8v2fRmRof6vsQfSZWxBBVYWa58NnCX0yH5qJt5_s4tmDxAYI3s_a8ojw5Uw03Sr6Xttnf9NRw-JdrsnUMVh4z8mUSHSiTUcwng7VGJnqq4TN92BQN9cVzazvsiNrdiSPPlg8aBLn7wdgpoLmYY4z9vEdXIXjiXUJLBtedcqflPYluXdabxPTbDX2aWxYtsYP5NupbgGSoUmbm0l5NU-deWt2_GXji3UoeyCbEKZVmFPl7g0Hgx-VWH55VKBkSAwY1tcfBjHOz2Xl2crd4kHWQP-tJ2y4P2sdnM8pZKzrZ45YDCAfo1hGyDQSClr0yXH_W5TfwKHpuTgwfHrNawjidmMeAzh3wBHmtn7P4_-kdjeT5Op32f4coeeXbfMm-FeYxTlUVEUOX9BihCXSvhXW0QoQRCOoUf9m9TsAUT_Uxr0DkjUptxc4cIrjOkO_xslxJHYELVOjjdLGUmv5ivkVoYpZcyicOEZr98LC4a4oqWtOpVLQO3KGUFGGSza_uBE3JrcYrtuRNAt3fldWqCU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605357cc7e9ae5e6c458a8f8b9ed6f1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ca1879c74fe51604ee738285e176dda852d117a71b60b6a6f7d95689f1bfed47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=_fBiwthsAJfDhYnoWE9EtkYrnvW9cFQNMh5VqElEhpC6ZGiDr1fKcF3-C1ZYTD3DANQHZSWmitpkcafgtLA2wvA5Eduzn2da4Qr2s6IgZyHH5Y3LrA23vr6fwIl25JiqZNTXh1VWHa6uIZZLTBKKbOJQWASuTJPY6jjYIt8614naAzKA9ItKfQP_POde8mRAOm9Idy-GavO3SPgh74Qnzsap8vjgD7xDlEMD6L_ZgzTiu_kCX8ctYmzW3C7oa-fu4rx_QfMUDsW_zYa3EMXKFMSl6Bq9hmglWoFKGuF1sJF-wy2jH20jAtC3fyv8RPO-F3h_OwVrksYrHehhHwqupKYHNbu6yZO_VGS5O3mSvraoki-Qfq8wTgkp3k6i0Y2q2kaGbUGH-6NVtoFMu48uPNqMn14fNClYKahfnr19SWvKzlbnQYWCC3i8o4o2u7ZtKhlu_bnjpLlr9pBRBmJyqXRAxLrKxQjD5ybIA8_MPY_A_kOUps34wz_fFM_4VnI814i0HqyllIqPPrYxHQFKf9I4QnBHj96uKBOPFPnuNtAmrEyOHPjCO4Gp9h209WbLsI4_v6T9SVfGJdG4yrVgcGU0moeJyiT5_xjHj-gQ8T9nmwpnvPNZK8Fw6v5qoMpZrKf7voRCyZpxxkF0c0wfgv99mum8VHGhEGXHpkZDnI5CF97yCRRlWpo=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
656aa94e9ad86afc4c6c741fe27e99fbf280443911f7d6fc20909a507497b4b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=_fBiwthsAJfDhYnoWE9EtkYrnvW9cFQNMh5VqElEhpC6ZGiDr1fKcF3-C1ZYTD3DANQHZSWmitpkcafgtLA2wvA5Eduzn2da4Qr2s6IgZyHH5Y3LrA23vr6fwIl25JiqZNTXh1VWHa6uIZZLTBKKbOJQWASuTJPY6jjYIt8614naAzKA9ItKfQP_POde8mRAOm9Idy-GavO3SPgh74Qnzsap8vjgD7xDlEMD6L_ZgzTiu_kCX8ctYmzW3C7oa-fu4rx_QfMUDsW_zYa3EMXKFMSl6Bq9hmglWoFKGuF1sJF-wy2jH20jAtC3fyv8RPO-F3h_OwVrksYrHehhHwqupKYHNbu6yZO_VGS5O3mSvraoki-Qfq8wTgkp3k6i0Y2q2kaGbUGH-6NVtoFMu48uPNqMn14fNClYKahfnr19SWvKzlbnQYWCC3i8o4o2u7ZtKhlu_bnjpLlr9pBRBmJyqXRAxLrKxQjD5ybIA8_MPY_A_kOUps34wz_fFM_4VnI814i0HqyllIqPPrYxHQFKf9I4QnBHj96uKBOPFPnuNtAmrEyOHPjCO4Gp9h209WbLsI4_v6T9SVfGJdG4yrVgcGU0moeJyiT5_xjHj-gQ8T9nmwpnvPNZK8Fw6v5qoMpZrKf7voRCyZpxxkF0c0wfgv99mum8VHGhEGXHpkZDnI5CF97yCRRlWpo=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535715d0d84534a4d39b744f22509&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2c985d2bb75130d5f6a4c9c4926f80f990f1eee7201989106dfac68f1b1dfbdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=VgREcmM3R4L3i6cjk6WpCi2Bo0lPu_EoAk9QDMkCmW8bfK9k5zt5d4-fN07S86kudqIvO5RpzW_1fDwOxAWFA1kF9dEsgjyy99VSvDNGZmjM4xSZLV5hKDVsQZ7sPe1gNp7H-y493Lzk7R-FQQn2KCLxcaQEg6tjSlvu3TKZFs8r5hjWcRLl1iimx80oU3hTgbPa-hiewEPVMcMQMamTEgd_eZKAm-0mNcEO9lkhIUTSxDxG3xmTDxPZ10b-eZ74cee-7JvK2euGZfEP0tSiUVF-zHE747C3xqlcroJvIe6QLeMZpWRWgdh2G7Xg97ryNPjKCX8mFsFdiqEVk8CrgphYBFS9CIqWPRfE1uATyjSGuRbc9MoQkD25-1Gq142MGIGbAeRwEjtzWnoQUA0sGcNpxMSW0IemCQ3uDePEHBg2BWHgTGeXXtDM7QipOd5XRhMAuYrAziRx_OUTqx5TEMW2_pcr1sS7vkEOs2h3SScljZLWfIi7jo5r_xq4Gh9XGVAARuDoSwk9roxAd707rND7Jid1UFuBxo2Qy1racn2_BzccyiPCm1MGe-r6KiGsnTAtzKQgoecMnOfiggO4vbPZGosGc-TlQy-VqBZrmW7sMGnv-NDvsTYz6PnoSMb70rj18de3mupgHc_QGjVt0ApxL0mjBk0FNycuslBLJnQmzCimmN_Sa6w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fe2848a1a5e511fab6db04f5055974f7abf1c46e2e9bb27cb149b1899809f474

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=VgREcmM3R4L3i6cjk6WpCi2Bo0lPu_EoAk9QDMkCmW8bfK9k5zt5d4-fN07S86kudqIvO5RpzW_1fDwOxAWFA1kF9dEsgjyy99VSvDNGZmjM4xSZLV5hKDVsQZ7sPe1gNp7H-y493Lzk7R-FQQn2KCLxcaQEg6tjSlvu3TKZFs8r5hjWcRLl1iimx80oU3hTgbPa-hiewEPVMcMQMamTEgd_eZKAm-0mNcEO9lkhIUTSxDxG3xmTDxPZ10b-eZ74cee-7JvK2euGZfEP0tSiUVF-zHE747C3xqlcroJvIe6QLeMZpWRWgdh2G7Xg97ryNPjKCX8mFsFdiqEVk8CrgphYBFS9CIqWPRfE1uATyjSGuRbc9MoQkD25-1Gq142MGIGbAeRwEjtzWnoQUA0sGcNpxMSW0IemCQ3uDePEHBg2BWHgTGeXXtDM7QipOd5XRhMAuYrAziRx_OUTqx5TEMW2_pcr1sS7vkEOs2h3SScljZLWfIi7jo5r_xq4Gh9XGVAARuDoSwk9roxAd707rND7Jid1UFuBxo2Qy1racn2_BzccyiPCm1MGe-r6KiGsnTAtzKQgoecMnOfiggO4vbPZGosGc-TlQy-VqBZrmW7sMGnv-NDvsTYz6PnoSMb70rj18de3mupgHc_QGjVt0ApxL0mjBk0FNycuslBLJnQmzCimmN_Sa6w=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535936692627c5f484499a9803af5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
46a4c495d1aca214110f97b23e1a217402a78546b4827a66fd1279490e1f8a31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SFH0NEQtLuZGVA5htvd0_otPed50J5NuqmE8Dql3YXYvOTZEitPWyqoWq34uuf0myUZoHnBy1m5bMjN6oJxPueIWSXWkxQJHjSG6cEnkPMBaOsWwtq1Gh32_tIQEH8iCYhVXg05YAOPwjE2P-K17lgARnjyoDue0X2f7tRhXySKkBgaxpYTn3xU9LmFzIRsbXNRjqdXgxJ_mkYeqFcDaaxThZMyqFQOg_m7GSPwS2pAxPr1UKtvJlCQTdQ5_jkFFH1GXAIpgaOdDus3le763alMdZTRE65rwDz6aTuw3gs54ek2bEEEBWqLrt6dTeh_fgOyk2LDwF4icD3rbEaHrrbzt8-r6UjRjgyXcaCKBXK3ps0EhPgAMSGb0i9wlFNzGbSIkUBRmqaPkjp6ByYClmzS4mA1-Lvnle4sOujMcFncHEdgUMTDDuK1m1tvL0wP_BytpkLKhjaSf0jPbe-aVuswJLPNkLo20QTRje1mbdoRfT0ZKoHXunEi-GgiidxFsTm3fnpmG6HdekPbgUwy-5hIsapVlrOqWnl_meFvtkOYJ_v7Adqh7ORO_ZdMCj-nNVNa9I1tx4viTwa49YL5D5k2NkScIe_v__IfyvesUiyXo7QuX99ercdyV3A2ngwQ0KkHyNwEhGROYjrcbbq2j1EUP-IRmNeG1St5Fc6B6n6yxsho63DOIE6I=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2d48a7b4e77fc54e1949ba22fff6ac49701c1bf5667ea6dc03ed8317997f432e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SFH0NEQtLuZGVA5htvd0_otPed50J5NuqmE8Dql3YXYvOTZEitPWyqoWq34uuf0myUZoHnBy1m5bMjN6oJxPueIWSXWkxQJHjSG6cEnkPMBaOsWwtq1Gh32_tIQEH8iCYhVXg05YAOPwjE2P-K17lgARnjyoDue0X2f7tRhXySKkBgaxpYTn3xU9LmFzIRsbXNRjqdXgxJ_mkYeqFcDaaxThZMyqFQOg_m7GSPwS2pAxPr1UKtvJlCQTdQ5_jkFFH1GXAIpgaOdDus3le763alMdZTRE65rwDz6aTuw3gs54ek2bEEEBWqLrt6dTeh_fgOyk2LDwF4icD3rbEaHrrbzt8-r6UjRjgyXcaCKBXK3ps0EhPgAMSGb0i9wlFNzGbSIkUBRmqaPkjp6ByYClmzS4mA1-Lvnle4sOujMcFncHEdgUMTDDuK1m1tvL0wP_BytpkLKhjaSf0jPbe-aVuswJLPNkLo20QTRje1mbdoRfT0ZKoHXunEi-GgiidxFsTm3fnpmG6HdekPbgUwy-5hIsapVlrOqWnl_meFvtkOYJ_v7Adqh7ORO_ZdMCj-nNVNa9I1tx4viTwa49YL5D5k2NkScIe_v__IfyvesUiyXo7QuX99ercdyV3A2ngwQ0KkHyNwEhGROYjrcbbq2j1EUP-IRmNeG1St5Fc6B6n6yxsho63DOIE6I=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535ad04d2da51dd4a0a98f100477b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:55 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e9a619197ffe315164ae43d78679644d349fad9c5de68f0c3b2e590dcee2df57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SoLJ0D_Fidu8gSKpAvRHL5KBkF8mT4tATj73LJqz85ZA626sioH2kkhUaUBqbDhRUR9DDvFJv7gBuszThMFefX_DwrIjFYawi-MnkKTHKoyaQ6Z-YgKauYaChSL30skRdL7ikpL4-TjIQU1vT6K5xTypp-UJq282k4orrqPHfBCbUWpon0L6GfWke1rFsB9vrfzMapl0CDkaq_p8PzAaDQByQCiZDB8zikWGRoAdzSqU_wLeISg9c4hZQxk5ZqMeSg07k2JHLn7KhDJVHiPQV40RIoalUQegWPRCudMT-FIuAwf1cmkXiUNLeaqUbagNM3u-k83sqf8pjsbu95AQvb6YWqcAUK1Y5pYamiVSO3YdJOBfi6RvTEScuPB_r_shz1eb3P4Jm_u-kclNqsXh_qQmK21Nuv9tymcb13eZd-qiCAWSfidEizY7h3heEACfJUpcenvaq3OXZgdd0m_z-Wl0eBDsZcN0mQtWfdEFAeVJIwzByVsQgpqkZOc-4si0FLatVWj22ULDMS5EzAU3VJ_478MoviwJr80P6tLr5nvGT1AF9C6syQ6bKHwa5cS3CY7yhEkiL2wqnEqxczFBM9X-wxMmorzSnD16P0snChBId2LH1hgXxmXVbziF7pplW4JIkOcKFkUHTWxxI4lmbSdm4fhspTN7bTJ-TR6Qs_r2JN2RVNX-uzI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
977c45c865a10e9a318cd871a6ad607999dda91389a89b78bbc58bd82ddd23d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SoLJ0D_Fidu8gSKpAvRHL5KBkF8mT4tATj73LJqz85ZA626sioH2kkhUaUBqbDhRUR9DDvFJv7gBuszThMFefX_DwrIjFYawi-MnkKTHKoyaQ6Z-YgKauYaChSL30skRdL7ikpL4-TjIQU1vT6K5xTypp-UJq282k4orrqPHfBCbUWpon0L6GfWke1rFsB9vrfzMapl0CDkaq_p8PzAaDQByQCiZDB8zikWGRoAdzSqU_wLeISg9c4hZQxk5ZqMeSg07k2JHLn7KhDJVHiPQV40RIoalUQegWPRCudMT-FIuAwf1cmkXiUNLeaqUbagNM3u-k83sqf8pjsbu95AQvb6YWqcAUK1Y5pYamiVSO3YdJOBfi6RvTEScuPB_r_shz1eb3P4Jm_u-kclNqsXh_qQmK21Nuv9tymcb13eZd-qiCAWSfidEizY7h3heEACfJUpcenvaq3OXZgdd0m_z-Wl0eBDsZcN0mQtWfdEFAeVJIwzByVsQgpqkZOc-4si0FLatVWj22ULDMS5EzAU3VJ_478MoviwJr80P6tLr5nvGT1AF9C6syQ6bKHwa5cS3CY7yhEkiL2wqnEqxczFBM9X-wxMmorzSnD16P0snChBId2LH1hgXxmXVbziF7pplW4JIkOcKFkUHTWxxI4lmbSdm4fhspTN7bTJ-TR6Qs_r2JN2RVNX-uzI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053507c57c2917724c338a5070800f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b01194eaf9d9d62fab1790dc596e2c605ffefc6ac39fb39a977b9641ea03d5cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=_6UlDChAde9zgbzks38q2JYjWJ7sR1f6OnpOpMU_3Uo_DGpsJXBwgFXl3FNadgtY0vUAKwUlUJC-HoisXAgNdc293woZyiMT7to7VCv31u6SSYv9YO1GOAp6mVaICLbImDcM9WB5or25FPDUic46Vk8ZQLzsxs4fpwwDlt8FjmBoSfbWUbbW8eQbIhdej-gQjArr2fM5ltPsfYZrVtvApwjCvvjeZwz5455KrqZ7S5ak3rC4BqigsZrbEhvwtiyxDyCy7iq6BK3QvV3HZ6c2XYVa6C0dJFu0EHHJP10bbaS7k2n7Mi88MxrMVphbH9DJLVDnvKK_bpZ0EYzdVLi7Rx-aLtbtqbf-Lqsm7iCJBfWHoIEkojBsnv1MHFkLx47tVl0GkVQZjH_x59G11VrqRoCM_PwrzEhlIZvE9FyHJ3Vr2vf5v1dVE83Bg-j27r3d1OSeAMPc1ogh0Au4juIuK4yeHdjZk-bDx0fOFdo9AmLXpxtylulkuaKxJe-pHjOQBVRL9OrpkadaaXFH_PB9DoNfp1KaI3VZ81Zjw483PRk8cmFYvnBOF5BIB5hsCYS1AVNoaic-7iSj1D0mmi3rdhwEfD1qzPBwR_dodEmk9Cg7GvsD7cClK4NhkgXxzpD0BL84jHuMbkiRc3XjDSL59Cotatjbm34CTbGySJgZYWTYaaCymoGhao0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
101f4e79181f10c3a5ff6c74dbb5b5b10efe0fb3b55ef30e3dacb12cb1ca22e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=_6UlDChAde9zgbzks38q2JYjWJ7sR1f6OnpOpMU_3Uo_DGpsJXBwgFXl3FNadgtY0vUAKwUlUJC-HoisXAgNdc293woZyiMT7to7VCv31u6SSYv9YO1GOAp6mVaICLbImDcM9WB5or25FPDUic46Vk8ZQLzsxs4fpwwDlt8FjmBoSfbWUbbW8eQbIhdej-gQjArr2fM5ltPsfYZrVtvApwjCvvjeZwz5455KrqZ7S5ak3rC4BqigsZrbEhvwtiyxDyCy7iq6BK3QvV3HZ6c2XYVa6C0dJFu0EHHJP10bbaS7k2n7Mi88MxrMVphbH9DJLVDnvKK_bpZ0EYzdVLi7Rx-aLtbtqbf-Lqsm7iCJBfWHoIEkojBsnv1MHFkLx47tVl0GkVQZjH_x59G11VrqRoCM_PwrzEhlIZvE9FyHJ3Vr2vf5v1dVE83Bg-j27r3d1OSeAMPc1ogh0Au4juIuK4yeHdjZk-bDx0fOFdo9AmLXpxtylulkuaKxJe-pHjOQBVRL9OrpkadaaXFH_PB9DoNfp1KaI3VZ81Zjw483PRk8cmFYvnBOF5BIB5hsCYS1AVNoaic-7iSj1D0mmi3rdhwEfD1qzPBwR_dodEmk9Cg7GvsD7cClK4NhkgXxzpD0BL84jHuMbkiRc3XjDSL59Cotatjbm34CTbGySJgZYWTYaaCymoGhao0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605359639325db7cf4a23a3b93b2538&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ef51c4163439c147bc54776b5b273a5767ddbe730ed3bf1ad1b2506172b041db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=fwXSx34iOFaGjTTPNTbIGMVBDcyXJNC5FJIH77I_N6KjrbDbv6_wt5birx_mKXMF-IGG9lin-sTYBxohIa7ZZSHwantJsq_Kqnw3voeg91Uw-6zfLC-M9pQu53LHQg_yDsy-CZY3H830JTnPNO48wEiIJB8uQrACAN7KuFTJBubfkoe5txS-i2hGdb3pT58NRtHMumzT6WxhE7QoFf8HsH91zO3iF6WqX511I0ydfTiligG8VGsub24cS-qeJG2c8MvWZTp9hPxPNOWIlEbaNuGsmfrGeEtyUPatUBmPC-BWly0h0q6jNzqqyUVHVO_nnOpAA4xmHL3S2EEbTXVktcJQAaCsd5i4neAtrRSxXHBCsuvV-nBGfdkuJC8x7f_hNfc8YOD0KThDztuPgQP9Q45jdey7yHyVgD9rbPUcsHcIxAdfrQhSSTIO-Cm1dxAwwYQP3akQPL5-pjVyok2v01rdj5XLCGbQdsQFNGShAM1Cn5r37aAJXSmHJX7wvlDRq8uSmg1HJEoBjQj0PoZn50t06wyJoTzYERBIcgE3cYagkdcjUsUH8242iG_6sX9SVrAe8X0OtbPycCl6zQXFsfolYWrxujSYk5pAPIk0TJtvdRMSDrb1CQRi6I82BNKxjJLQyyuV5P5wgf6oUAg6AsQQGj8z1FqwdvUSBeYyYWcehIVOZu887cA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2778cae8a9c84f17d4266f6a4a41ba08ec4921c4570c98eb862a90d67cc66bc2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=fwXSx34iOFaGjTTPNTbIGMVBDcyXJNC5FJIH77I_N6KjrbDbv6_wt5birx_mKXMF-IGG9lin-sTYBxohIa7ZZSHwantJsq_Kqnw3voeg91Uw-6zfLC-M9pQu53LHQg_yDsy-CZY3H830JTnPNO48wEiIJB8uQrACAN7KuFTJBubfkoe5txS-i2hGdb3pT58NRtHMumzT6WxhE7QoFf8HsH91zO3iF6WqX511I0ydfTiligG8VGsub24cS-qeJG2c8MvWZTp9hPxPNOWIlEbaNuGsmfrGeEtyUPatUBmPC-BWly0h0q6jNzqqyUVHVO_nnOpAA4xmHL3S2EEbTXVktcJQAaCsd5i4neAtrRSxXHBCsuvV-nBGfdkuJC8x7f_hNfc8YOD0KThDztuPgQP9Q45jdey7yHyVgD9rbPUcsHcIxAdfrQhSSTIO-Cm1dxAwwYQP3akQPL5-pjVyok2v01rdj5XLCGbQdsQFNGShAM1Cn5r37aAJXSmHJX7wvlDRq8uSmg1HJEoBjQj0PoZn50t06wyJoTzYERBIcgE3cYagkdcjUsUH8242iG_6sX9SVrAe8X0OtbPycCl6zQXFsfolYWrxujSYk5pAPIk0TJtvdRMSDrb1CQRi6I82BNKxjJLQyyuV5P5wgf6oUAg6AsQQGj8z1FqwdvUSBeYyYWcehIVOZu887cA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535748219597fa54591b91cb25341&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c343a55c2e2ae02f8693ee59e23a4b6369c0d56c10917210d757205f9b76a407

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=7GDidJ0F5htisBGBM8v1-_oNmexgaTmwXACcAHs0EyZ7AfzOC-uGFkUCUr7X2Th3yzMTZdsLm_WVOaFBHcxgu66C2uA8BQQm_818p1yDryqN8ZQiNL6_dXMsTJEFS91UJqmyFK_iNWT7ZL1lyP0oTPK65e6L6j2CAzMWyWVtwcVL0kD5TZohgFplwF7H54xQh-pqrVZhZLpk9bLmNKf63eROgfeg5VtpxwIZbQlLCqaAxqLLvG7gv64MatIjPe0fTpw6lL-KCbGCYrUugKPx5sSu87dx0OoZ1Kj6_Xni4MPDffD91eJ9b3aUUB8qTFMsKHKh_F8jw1BRMr1TQv4xGIXm3GlDY1L1wNEd-XB1fVb89IgKFF1Gx2NI-BDXsC_N15iD0PtIrkSetL77NyK6llbLZt_byryiiwWlPLeOGSgHUd8ic6aKPp-BQUHiFpViw32-ky81nS7HWMHhZ1SPYSCk9erJLmWdQmmuf_WvWGVkRLCym6UZItI08tqe4tx5NgXatrhK7kcFdgvwKVPACxC6nEVkDrnoQlksu6W-yTmf49FDmIUOE4RsuLz0LoLcdxKQQ44IGAU0Lj8u7eBzLSTXBEOW0RxO6DPIaH8sdOIvhxH9zrLF1U17cFRsOPKCAxwjDw9udyAFM71A-KDcvmly3Owa_TUDvWBIRhf2w7w800kn5pFeXGY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d205dfa972bdf8064ee1ebe819d887fb6f63994a1a2fd7d5ef4ba42488274e9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=7GDidJ0F5htisBGBM8v1-_oNmexgaTmwXACcAHs0EyZ7AfzOC-uGFkUCUr7X2Th3yzMTZdsLm_WVOaFBHcxgu66C2uA8BQQm_818p1yDryqN8ZQiNL6_dXMsTJEFS91UJqmyFK_iNWT7ZL1lyP0oTPK65e6L6j2CAzMWyWVtwcVL0kD5TZohgFplwF7H54xQh-pqrVZhZLpk9bLmNKf63eROgfeg5VtpxwIZbQlLCqaAxqLLvG7gv64MatIjPe0fTpw6lL-KCbGCYrUugKPx5sSu87dx0OoZ1Kj6_Xni4MPDffD91eJ9b3aUUB8qTFMsKHKh_F8jw1BRMr1TQv4xGIXm3GlDY1L1wNEd-XB1fVb89IgKFF1Gx2NI-BDXsC_N15iD0PtIrkSetL77NyK6llbLZt_byryiiwWlPLeOGSgHUd8ic6aKPp-BQUHiFpViw32-ky81nS7HWMHhZ1SPYSCk9erJLmWdQmmuf_WvWGVkRLCym6UZItI08tqe4tx5NgXatrhK7kcFdgvwKVPACxC6nEVkDrnoQlksu6W-yTmf49FDmIUOE4RsuLz0LoLcdxKQQ44IGAU0Lj8u7eBzLSTXBEOW0RxO6DPIaH8sdOIvhxH9zrLF1U17cFRsOPKCAxwjDw9udyAFM71A-KDcvmly3Owa_TUDvWBIRhf2w7w800kn5pFeXGY=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053521914a48145d47a4901c31e723&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
afcb724ae56c981ae555e394a97aff2e2f76c519a3b1d9d74f967b42cf83a3d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:56 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=M6Yl-U7XjHFJ9IGsiizSUEQDdTg0WUkwORfZqAyFTvX44A4R0_OBA0XFOhV5X9IhZMHoZeJPAHaxisMM5AiuhwxVeMocXzllu8lyEDl6kc65nDU9Ksc62VJOvBll_jg8BpMknz1XX1j5Obk-Lwcg8RE8npQ7CmrRRz-Pblf7qFDzj_bwPQCpeKoRXuUYiEfsruUS_0qmU93n2r0mnkIFbb0gv8zIaTvkcyXLEl2jFneK-FOE3cWf5jRGzoKIQR0M5Py5HH6J5wl2xNzN4meIcQMLANIn-1AlhDJTkS4O-HM6CzNGRk2aQpoLB9vSkIPQRx7Hy3Yoktz11A3AIcmJjMFJwKFg6ZVv7rLeaENVcQ3a3jSLzfjK9tx0uP05KvhnXZM_KY3Ncj7rMzVnx4pHbVH3OZuNJAFX-5wZoji1eqWJlIsQ7yV9WnB3geIe0e6ax5bulMIO5V7oPA3FNfn4X7Qw5_F78iws3qFmQ7OJwzZ2h1as4AP8bshI8YmaMnwnDZdyKaoQM68_SoXAhFTxP_QFr7eLJNdCaAi0Wo1FWVauJgCvoiOums_0Je6nSd-MhN4Zwc8fg3wkhphADUOJTHuVYqjCP-S7YVdsCpid7bI9e_MJFMKcWJ84gQYuryKcDIX0EcpSH7bopi9rCPnob6jO3uIlPcmoPYdtFglttwQZ2LWhK-oOiHg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
86d36b5bf3c7e741640503e8e55cb9c02e51f03b18d79b325252e08e02151ed2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=M6Yl-U7XjHFJ9IGsiizSUEQDdTg0WUkwORfZqAyFTvX44A4R0_OBA0XFOhV5X9IhZMHoZeJPAHaxisMM5AiuhwxVeMocXzllu8lyEDl6kc65nDU9Ksc62VJOvBll_jg8BpMknz1XX1j5Obk-Lwcg8RE8npQ7CmrRRz-Pblf7qFDzj_bwPQCpeKoRXuUYiEfsruUS_0qmU93n2r0mnkIFbb0gv8zIaTvkcyXLEl2jFneK-FOE3cWf5jRGzoKIQR0M5Py5HH6J5wl2xNzN4meIcQMLANIn-1AlhDJTkS4O-HM6CzNGRk2aQpoLB9vSkIPQRx7Hy3Yoktz11A3AIcmJjMFJwKFg6ZVv7rLeaENVcQ3a3jSLzfjK9tx0uP05KvhnXZM_KY3Ncj7rMzVnx4pHbVH3OZuNJAFX-5wZoji1eqWJlIsQ7yV9WnB3geIe0e6ax5bulMIO5V7oPA3FNfn4X7Qw5_F78iws3qFmQ7OJwzZ2h1as4AP8bshI8YmaMnwnDZdyKaoQM68_SoXAhFTxP_QFr7eLJNdCaAi0Wo1FWVauJgCvoiOums_0Je6nSd-MhN4Zwc8fg3wkhphADUOJTHuVYqjCP-S7YVdsCpid7bI9e_MJFMKcWJ84gQYuryKcDIX0EcpSH7bopi9rCPnob6jO3uIlPcmoPYdtFglttwQZ2LWhK-oOiHg=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211116053584aa2016814a4d17b4c23cfcd6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
052c98e7c41fc05c931f9830366ea5c099c6ce8ca80981e75f3827a051274458

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=HrYfgHuEVxvpKFO7C2SjFTZ6Hoe3DXLxiNhIzsjR7YMfeM3w8ncT8TlVE0VV8ifwVB7rvYvuDGMS0t74ce7c_JpPRQSsziOCc4ry0mHuRuknSS4eS4aJoOQYwx7UXw_WfFkeSeoB18VVoyoM31S7w3lE79ehFNfVv30GIV9OzZY4DRViiYYbxqJxEZNes4bkyq-vtx9DnxboCJqlq2ifrAUMyG_y45-JB2bdn2OFdjxNtnIYeIx4toWPDNwPhrl4GWb9120RGdewwwi4xGPu6DJFSE4bVAdw15BTlpjix3XR8nRjgkyl9jccIK2XjOlmsLAukyydADby90Y_CB1SqxMupsge8dA2rVinGfNlECcYBpcVyMBU6-eivK5svd41WVvgY7aVrxxp16l_F2LAA6t-USNUciMMUrABoiH8bK1ss0KTVbTkLhtp5H6XoP2U95653biSQ_nu5JOoY09-8CaFMNzgwL-DX6RfesaeqFWkDMCXGXQTdWXR7IjBrYzC-nyWaHWs3zkgXgd34T5C9losstmNVCBLhvDQMlnUff91WjyajBIwD5Yp-qDt4mKBXHGC6aFdbYUxFNS8QdZr6HJ5zpXyinCqVJIZF_W2P_GYWJz6Ig6D1j5grUWDzfmBmHoiW_w0yt0dIqQDf0UePPffxEUVraO07wZ1Uv5DQgQ7eNzu71ENWCU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
16d1ee69e9800d39f5f7704986f10bcffbfbea9104c067e28e466ef95c1381a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=HrYfgHuEVxvpKFO7C2SjFTZ6Hoe3DXLxiNhIzsjR7YMfeM3w8ncT8TlVE0VV8ifwVB7rvYvuDGMS0t74ce7c_JpPRQSsziOCc4ry0mHuRuknSS4eS4aJoOQYwx7UXw_WfFkeSeoB18VVoyoM31S7w3lE79ehFNfVv30GIV9OzZY4DRViiYYbxqJxEZNes4bkyq-vtx9DnxboCJqlq2ifrAUMyG_y45-JB2bdn2OFdjxNtnIYeIx4toWPDNwPhrl4GWb9120RGdewwwi4xGPu6DJFSE4bVAdw15BTlpjix3XR8nRjgkyl9jccIK2XjOlmsLAukyydADby90Y_CB1SqxMupsge8dA2rVinGfNlECcYBpcVyMBU6-eivK5svd41WVvgY7aVrxxp16l_F2LAA6t-USNUciMMUrABoiH8bK1ss0KTVbTkLhtp5H6XoP2U95653biSQ_nu5JOoY09-8CaFMNzgwL-DX6RfesaeqFWkDMCXGXQTdWXR7IjBrYzC-nyWaHWs3zkgXgd34T5C9losstmNVCBLhvDQMlnUff91WjyajBIwD5Yp-qDt4mKBXHGC6aFdbYUxFNS8QdZr6HJ5zpXyinCqVJIZF_W2P_GYWJz6Ig6D1j5grUWDzfmBmHoiW_w0yt0dIqQDf0UePPffxEUVraO07wZ1Uv5DQgQ7eNzu71ENWCU=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211116053522cd7c7a910448e3893cc3f778&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
22de4c2ddb3368991181cae235f894340499f6986d41b4ee54c81bffb8bc13e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=jfQbcIY4O96wvmZsGQhgSXKn4zmLNtU0Zsv2VEDqiJDaXbXVJGgTwSxP-oIbkfg31Loe1B8-lF2AC352Qie6XJI1xc9Tlf4dAh9LWgiqcj8MSm8yyB3ZOz4U5qN09l8yhhet83DzQ44lj9qVK5XleQ2q3TuFomrlkLpeTBTJMMza0ESIgWsQ7SzO35-vnrBQkkuJxRwrEQzAtbzaIrTbi9BxdxeRm9hF1asMmbVbQdhK7a5f5uM2kXLLk_1TS0_RY1C3UEXW6l3NMTKHk2WbT37Nbc23k-RaeLDNlmEgTOa5DfrFqm7Af38X0tC4qq7ou2sJ300c_M_6NQ6Yr2VB0QYjT3PuMDz-sKr4pDUdmFL7hpHQmQgQu8LNLkTri9v083UgdpQFDJB3pLyn1gsH-VXXJWBtp5eECwqfttT6eTyjN7TfPi-JvHmerbVHpTlF1MC8jYvoIhflLh2KJaXxagO0UisqlUdyc455ZKhz6D1TfppLgwQirIf3rLxmSxA5YK-eNHom6tYTT8EHBtvpm1oJSBlL6JfEd0YsUsjeyc05_eMLzkyNktJ8vH2yc9VSyM0aeLxsFX_MCzPHxzxRw7W92ocmyVCcHAU390olnfnQcIMhYuwSMT3mU-Pgj1-5TS6DmngVxggKyq6iDb3xouKpeEe4Y9IDiDUdUqkSQgfAGfs51waTnx0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
379b1924689d711072553e998d9cc9267ac9a7b1a68844eb19174ba9ebb3c83f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=jfQbcIY4O96wvmZsGQhgSXKn4zmLNtU0Zsv2VEDqiJDaXbXVJGgTwSxP-oIbkfg31Loe1B8-lF2AC352Qie6XJI1xc9Tlf4dAh9LWgiqcj8MSm8yyB3ZOz4U5qN09l8yhhet83DzQ44lj9qVK5XleQ2q3TuFomrlkLpeTBTJMMza0ESIgWsQ7SzO35-vnrBQkkuJxRwrEQzAtbzaIrTbi9BxdxeRm9hF1asMmbVbQdhK7a5f5uM2kXLLk_1TS0_RY1C3UEXW6l3NMTKHk2WbT37Nbc23k-RaeLDNlmEgTOa5DfrFqm7Af38X0tC4qq7ou2sJ300c_M_6NQ6Yr2VB0QYjT3PuMDz-sKr4pDUdmFL7hpHQmQgQu8LNLkTri9v083UgdpQFDJB3pLyn1gsH-VXXJWBtp5eECwqfttT6eTyjN7TfPi-JvHmerbVHpTlF1MC8jYvoIhflLh2KJaXxagO0UisqlUdyc455ZKhz6D1TfppLgwQirIf3rLxmSxA5YK-eNHom6tYTT8EHBtvpm1oJSBlL6JfEd0YsUsjeyc05_eMLzkyNktJ8vH2yc9VSyM0aeLxsFX_MCzPHxzxRw7W92ocmyVCcHAU390olnfnQcIMhYuwSMT3mU-Pgj1-5TS6DmngVxggKyq6iDb3xouKpeEe4Y9IDiDUdUqkSQgfAGfs51waTnx0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535870e5e7b34be4180b9bae07627&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0d1afbc3bf6f8f8da91c5cf9d1d5fa6b0055a5eda220b2134360712268315cdf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=dKknQnqHq8lCaPfvMiHUoV1Z7vyTx0uheKuZnjh8GrLH6IGvypyeuFsCFsR9OHfZvRfHz6ftI7B_ixjN1oCUI6vofSG8WoZZd7Tozx7yl-mxrfKqphfC87q89e8JkyU4Hg4po8XTTJgGjHd_6kzF9qyGet_eKNa9mbiGfXwGDaQ7LCf2ifwrc4xp5uQ4A3gwFO5w9qrLUmAXqM_Du4tyn7jsRjfo8_lm49E3kaM_5LEHHOl2_KwWx2ii0S8A7LdqNvToVR6muxKxOgFaJQrsQPINN58OLdRP1ovUMySpKnRcjVZTLUak5rB310QdRGAyjJZTxs54vM01p-vpMptTIlIyjWjzwf0H_6AF1thaBeS-ycx8YCZA2GoC4aqKBpUPGH2TDybiwJmRSRJALMEFuCs01evxubl_8U9Ux39jpRaY_k4ZEW8tKGlmwjqvhwKNfLRdm-oN5Ojopfr64C03ekKpIODefCHZ9afGIKuVms7p8cBFYNi0dCoZOxbRPaDy3vj1ZJVro5iE1oq0QUVxRabUg-s-nCpLPOLmrjJLuL80Lz8ozBi34pBmjln2hErTiM5A1-8JIc5zWSq-ir4NX-oB_f4Clz9V1PupsCr3KjC1WPTf0Hv8DNdKGOZwfhozN4GiQYRzOrXotcYEfhcG4vJgy_0l1Fk2rbIhqWrOSQBz9aoZu_ZAAQs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
004b805f560065fa6b2581d2d8cd1eceabb7c5210d7df91a8914bef42b86d891

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=dKknQnqHq8lCaPfvMiHUoV1Z7vyTx0uheKuZnjh8GrLH6IGvypyeuFsCFsR9OHfZvRfHz6ftI7B_ixjN1oCUI6vofSG8WoZZd7Tozx7yl-mxrfKqphfC87q89e8JkyU4Hg4po8XTTJgGjHd_6kzF9qyGet_eKNa9mbiGfXwGDaQ7LCf2ifwrc4xp5uQ4A3gwFO5w9qrLUmAXqM_Du4tyn7jsRjfo8_lm49E3kaM_5LEHHOl2_KwWx2ii0S8A7LdqNvToVR6muxKxOgFaJQrsQPINN58OLdRP1ovUMySpKnRcjVZTLUak5rB310QdRGAyjJZTxs54vM01p-vpMptTIlIyjWjzwf0H_6AF1thaBeS-ycx8YCZA2GoC4aqKBpUPGH2TDybiwJmRSRJALMEFuCs01evxubl_8U9Ux39jpRaY_k4ZEW8tKGlmwjqvhwKNfLRdm-oN5Ojopfr64C03ekKpIODefCHZ9afGIKuVms7p8cBFYNi0dCoZOxbRPaDy3vj1ZJVro5iE1oq0QUVxRabUg-s-nCpLPOLmrjJLuL80Lz8ozBi34pBmjln2hErTiM5A1-8JIc5zWSq-ir4NX-oB_f4Clz9V1PupsCr3KjC1WPTf0Hv8DNdKGOZwfhozN4GiQYRzOrXotcYEfhcG4vJgy_0l1Fk2rbIhqWrOSQBz9aoZu_ZAAQs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535e62a32dad4cf4e93ada0b18c7f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c3bc881b51bd787de07905b3200babacf0fe795ad640a836fe659246f5f956c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=bimt_Y583uDefAZgsGgdlgDQH5pMW_OXKY3VO7JJUzkzSPGdj6WICuIJxZ_rF_bfH7lm059JPTFpAxsZJ2Anjvn_CEYub9yRXCTZDFjykSUnCneHd8wjmLGfBE3rD87t2VYxOMMJhBxbg3ndLKMdrA-Qo21nyMSfiUkhBAv4WcP_hO8swGMBsw9zJZRJsLvkqORulzjHUV00wohU9wb8voQ9ta8L2Msx45sB1wE7nQufGYO7zmFQSYs2sxIlOBOvUUHiwzG_c2tJDsyAKOyYJRnyCDh03JPArbfh_vvlKY_ueqk-ua73jNX9MReZvBbQgMt6Z3B9yQSHkcO-WT-GZK3TEMm4JlH3Ay5ScFmp2NcYtzJUAPWP8TlaYh3Ya9-Xiq4UmliQitA8bTbWsfl_1UEtZGJ-aVt7y9PYCs_cXpJakehM-ECJ1FrE3GsA51iQveGwMb-y2vW73DBwy31KYsMFMLDFhK4J36tzAK-aRxRAhv9FenO1BDLkgChjFdJjlcSYY3XyBxWWg633XIXx9xCXL0tax59Vd_SCbJ35Kc7tnOOG82GT3j0mJR8Lb3TmcxagBK3-1Br9lQIE4FqRw3EnH2VPcCsQoqP2Gt1CoEEFBmYL-oRLI3t7b8KtqgQNw-CmM-nOaULzoANqACsffa2E4UJhyoygqkz-0GutOIlHG_wLhsZCvz0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c263bdd5eafdf7654b2cbd4f36efa632fbd286f43b7e372050ecb12459c75475

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=bimt_Y583uDefAZgsGgdlgDQH5pMW_OXKY3VO7JJUzkzSPGdj6WICuIJxZ_rF_bfH7lm059JPTFpAxsZJ2Anjvn_CEYub9yRXCTZDFjykSUnCneHd8wjmLGfBE3rD87t2VYxOMMJhBxbg3ndLKMdrA-Qo21nyMSfiUkhBAv4WcP_hO8swGMBsw9zJZRJsLvkqORulzjHUV00wohU9wb8voQ9ta8L2Msx45sB1wE7nQufGYO7zmFQSYs2sxIlOBOvUUHiwzG_c2tJDsyAKOyYJRnyCDh03JPArbfh_vvlKY_ueqk-ua73jNX9MReZvBbQgMt6Z3B9yQSHkcO-WT-GZK3TEMm4JlH3Ay5ScFmp2NcYtzJUAPWP8TlaYh3Ya9-Xiq4UmliQitA8bTbWsfl_1UEtZGJ-aVt7y9PYCs_cXpJakehM-ECJ1FrE3GsA51iQveGwMb-y2vW73DBwy31KYsMFMLDFhK4J36tzAK-aRxRAhv9FenO1BDLkgChjFdJjlcSYY3XyBxWWg633XIXx9xCXL0tax59Vd_SCbJ35Kc7tnOOG82GT3j0mJR8Lb3TmcxagBK3-1Br9lQIE4FqRw3EnH2VPcCsQoqP2Gt1CoEEFBmYL-oRLI3t7b8KtqgQNw-CmM-nOaULzoANqACsffa2E4UJhyoygqkz-0GutOIlHG_wLhsZCvz0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535af8a8bff785c43858e124f2b78&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:57 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b714c6f0d7d770cdd10751b7778c29be7f1b8e750cc02a4d77313858eafed265

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=j-fVyd24stYBygBkzjPPCpLqvAn3nBWfEgd_LfWo0pxuoFk4P2lLLe5KkbwMg4W57sQAmbg2dyQ3Yi3mGR5A-Kp67D66zPWuHpVMlA0aGhksoANgzoiP_v4XFPlfsBjqMWjkHRixxNHhIzxed0D5e_xaNOVejTeLfzJlVMk5nCYE9u2TskUjjvFB91Q3KUgjAdxArh31K5JACjsEZJW2eJGzMpVR16f-x5TnHwse8ED7wlX4vJf0n4UF-2q0GdVYHClLoCamc0pSBmmR-OzC3RPDyF2xoN8iFhffqQ0q2if12L7SWaEoZxZZSnMmZT4G0SuTN8-rWHxzGhUn00fRHPbmLBVugAiHRkaVNVsrrBIbnqQQE3ROzh2A2kJU0HkDKlSL8jufBzdRaRA_jeDGgb9HY7Xdtgjy1aIki0XvO8Av_CqSw0Xi2GuSlgSkDCAVvLEF6HSq1XelGw8navlJVG8fEgMcUKJ77uHEHmLXVU9XD8vDbxhXTW6-ntcGDcJ1EFm9BPKejd2gsDvIVQqzedbYcBbyYIGFTAq3k4DqDXLJvi6Y-6-b8-qNW6F9ej0lRGeE9Ykd6TXm4wRHVyqzhjXdp6UWgsOFLn928vyJcjcQr0qFkXElKaavL8tjqYULM4cPHjFF802eDh16ZSdnuYRDsSeqHc9ST7GXIV_rp2mD_V4w_0NpdlI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7f2cc01262e2fee82adf8fb99fb5cf3eda8a66c228a9d57c90c5197dfbe9fd34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=j-fVyd24stYBygBkzjPPCpLqvAn3nBWfEgd_LfWo0pxuoFk4P2lLLe5KkbwMg4W57sQAmbg2dyQ3Yi3mGR5A-Kp67D66zPWuHpVMlA0aGhksoANgzoiP_v4XFPlfsBjqMWjkHRixxNHhIzxed0D5e_xaNOVejTeLfzJlVMk5nCYE9u2TskUjjvFB91Q3KUgjAdxArh31K5JACjsEZJW2eJGzMpVR16f-x5TnHwse8ED7wlX4vJf0n4UF-2q0GdVYHClLoCamc0pSBmmR-OzC3RPDyF2xoN8iFhffqQ0q2if12L7SWaEoZxZZSnMmZT4G0SuTN8-rWHxzGhUn00fRHPbmLBVugAiHRkaVNVsrrBIbnqQQE3ROzh2A2kJU0HkDKlSL8jufBzdRaRA_jeDGgb9HY7Xdtgjy1aIki0XvO8Av_CqSw0Xi2GuSlgSkDCAVvLEF6HSq1XelGw8navlJVG8fEgMcUKJ77uHEHmLXVU9XD8vDbxhXTW6-ntcGDcJ1EFm9BPKejd2gsDvIVQqzedbYcBbyYIGFTAq3k4DqDXLJvi6Y-6-b8-qNW6F9ej0lRGeE9Ykd6TXm4wRHVyqzhjXdp6UWgsOFLn928vyJcjcQr0qFkXElKaavL8tjqYULM4cPHjFF802eDh16ZSdnuYRDsSeqHc9ST7GXIV_rp2mD_V4w_0NpdlI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:58 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535aebc34a26e2b4aa294d84b8acf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:58 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ff197f36f510387275fac31455e8351a9e841ae80545acfbcc24ee56d49d5ad9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
lib.js
c44wergiu87heghoconutdx.com/pn21ywqw/z/sc/scssx/1601571/ 		0
0
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=iXbUvZHXEAkYhEIaxoIosfTHh08vzDvDLuOu29a21GeE6uvEcqHZgODJ5XNlq6M4mEw1FdaqOnEdxnAh4RH4IV3xue8X9cTGcE8oHJb1XAXYoodING_tniAFvk7OKV8O5UsCxaPEAVc7LdxAyl1f99Tt_j_j3hpE3BujEbTqC5jfOgcSimEV6K0ba7RRdFreLTBjjoOwMzWOEcyfRSrNOEUJWDHFBVDDLNOnZwGjnXWB18MQmhJDERvZOT2sgpGEOuGe1D2PNLy6XE-orVwgm4bblUXWw3aKCyA53pNUiXTh9sDSW2HxakuWJJQq3vES2ZKEr7mPu7TPro9GOH4IQE4uOJdX6f-FZyyGXqcVDl7pHUz_z2EByxQkjgbNH3weE98Z2p0F7QiZ96qP_M-DHgzxakd5VEjZsDiDKrsEOVbtdkR65TvviLen35Tj-RU6FBmONSzQ4VwLDXxuyaNAl9WmBEPmcTlmDgq_oCRPhKQWV-sYDaecW30Li0tFT2VYK42IELXg8dMI1cTk2bYuIj36H2xHrsMRHCahp1S9TY2tNYNUiCq93FEe9t6m_3fM7JhuZFgCADhpz77qVuAwLmsI2U6CdzKPD_kAlLHIkyBt065-Yeh5eNmDsMVjY8SCyVoLhRsPa_672Yuirbqof66d5cMBCnEWZ7LYfyY7YhiJscwEXLGXWOA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e7ca845e4052b9db70bc69db93460a8710f2a72886457f5b78b3d7417f578179

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=iXbUvZHXEAkYhEIaxoIosfTHh08vzDvDLuOu29a21GeE6uvEcqHZgODJ5XNlq6M4mEw1FdaqOnEdxnAh4RH4IV3xue8X9cTGcE8oHJb1XAXYoodING_tniAFvk7OKV8O5UsCxaPEAVc7LdxAyl1f99Tt_j_j3hpE3BujEbTqC5jfOgcSimEV6K0ba7RRdFreLTBjjoOwMzWOEcyfRSrNOEUJWDHFBVDDLNOnZwGjnXWB18MQmhJDERvZOT2sgpGEOuGe1D2PNLy6XE-orVwgm4bblUXWw3aKCyA53pNUiXTh9sDSW2HxakuWJJQq3vES2ZKEr7mPu7TPro9GOH4IQE4uOJdX6f-FZyyGXqcVDl7pHUz_z2EByxQkjgbNH3weE98Z2p0F7QiZ96qP_M-DHgzxakd5VEjZsDiDKrsEOVbtdkR65TvviLen35Tj-RU6FBmONSzQ4VwLDXxuyaNAl9WmBEPmcTlmDgq_oCRPhKQWV-sYDaecW30Li0tFT2VYK42IELXg8dMI1cTk2bYuIj36H2xHrsMRHCahp1S9TY2tNYNUiCq93FEe9t6m_3fM7JhuZFgCADhpz77qVuAwLmsI2U6CdzKPD_kAlLHIkyBt065-Yeh5eNmDsMVjY8SCyVoLhRsPa_672Yuirbqof66d5cMBCnEWZ7LYfyY7YhiJscwEXLGXWOA=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160535fa7a43a9b318446a8e424b876a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c14dcc87ce4bcc1acbf7e4a346fec04a4b3b7a4e9b7105a06fe37a8c2bfed421

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=4BPrGPln_rTrwS_jQO27NxO47eOjwtC5cdQXHODI1stAYLVJpR60uHH9sYQOR90DQru-zITyeZVKXnJsEeuLYJFP6E2kFR64JEeBKUfrbq_jUeIV7HJDhrx0EY7W3JmX3adhmXFqbE2g2SeumDib9dZN901kXewdq9b6nOzfn8R5DG2V6QJ1VivkcStyoLxgGHIF0JdT2R62Cjpd_ZfkmMrGEW0tV6PVUk9bPr-9sNMIsSJCiRXElJH0hHf3ZWleHLXE6-Ms-2YUF9XlSH5tjYHeIQoyUrGsYPqDZHoZ4JqbvGnwhoMUnSU8uSEL4U9YMYQqhCW5qXlrTnkrChT7ZFlbaQodq7Ux318DpvWv1EfcjW70d3GKkwX60k2seKFTJhBFM2JiX2omgyJ4tZFT75HGL6jvIBSJ8ZmjWftN_26PPYjBGUxPfbzlVxxcDZSV8qMbghHHXgmzhkJnvXXXpPPRo3zp4sHiusxzn0fKmuKPP_O6JPWmnZfUfV5pCVKaT4jDn_c1C-uk8yCN92uIWkSDi9degSZ-nmWpaHF37evHzN_3mBGA2aVzKx_O33aERtllybsa483wMUjBt-M_cA-lkeT890GsEr9viixw_aYvcgohUcaq3ABQ0jhHpJPJ2VFft2pGAYKBoohBU-rv-tkPreWbjJC7CFctPmo1ZuFxSZzBxqAC41A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a534670c6d2d53d7493b21ba78d517d7c1e7999df63d65f41dbdf0c7d5696bee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=4BPrGPln_rTrwS_jQO27NxO47eOjwtC5cdQXHODI1stAYLVJpR60uHH9sYQOR90DQru-zITyeZVKXnJsEeuLYJFP6E2kFR64JEeBKUfrbq_jUeIV7HJDhrx0EY7W3JmX3adhmXFqbE2g2SeumDib9dZN901kXewdq9b6nOzfn8R5DG2V6QJ1VivkcStyoLxgGHIF0JdT2R62Cjpd_ZfkmMrGEW0tV6PVUk9bPr-9sNMIsSJCiRXElJH0hHf3ZWleHLXE6-Ms-2YUF9XlSH5tjYHeIQoyUrGsYPqDZHoZ4JqbvGnwhoMUnSU8uSEL4U9YMYQqhCW5qXlrTnkrChT7ZFlbaQodq7Ux318DpvWv1EfcjW70d3GKkwX60k2seKFTJhBFM2JiX2omgyJ4tZFT75HGL6jvIBSJ8ZmjWftN_26PPYjBGUxPfbzlVxxcDZSV8qMbghHHXgmzhkJnvXXXpPPRo3zp4sHiusxzn0fKmuKPP_O6JPWmnZfUfV5pCVKaT4jDn_c1C-uk8yCN92uIWkSDi9degSZ-nmWpaHF37evHzN_3mBGA2aVzKx_O33aERtllybsa483wMUjBt-M_cA-lkeT890GsEr9viixw_aYvcgohUcaq3ABQ0jhHpJPJ2VFft2pGAYKBoohBU-rv-tkPreWbjJC7CFctPmo1ZuFxSZzBxqAC41A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160535a4b8935e45a34822b80718a26a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5028102d41054ac5696244c999da749f412c046fbbed4858fe977482eb992f35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=xhrhPNasnl6UQcW46sXSX9o1BuCcjOUK-6UXFOg1nWgueK45AgUpWub737sGT0XyQxTTRdsUUwlTh1-w5L27_kE1X54AACClJvDs86JRknOXbe69KJuCmM-ytX1YiY61eLEPr7go7QJJH_0QnULoCaqLrgwMDa8mkI4msVTOLLvsmp-yoCikXpokPiZSzacttM9CWkmBNk6ANwKoKmC1lYBclmVWQclEcqKQe0zKxtI9NJ4nMeUFdBmN1RL61cc1MkpZJ-GThCeCb-JZk2e1U6yemdTTdmPhomkUx55rtf-dhGKDYtVJ5zUszeMd1yOUfuNTgNFmPY1McL0HIr3dFOdr-kuHMRB7byqSnLZoAW1iEiOnK5GkE8Wrg2lUjrB1ep-HndTLmM_AVOrgqnrH83i4XGD8hdkW146n0QW5ekH8PaloSXaI3wIio1km_pH-Hc6cYG4VdzLE_OVTYrLO-mp-WS__bdPdrTjbpRntr4RqZblL6GPpHw_Rr9beNlaZVYT5sbruY4fSDwoyuFxlF_sypBm8hjN3rHxDZgEIspPH-mkBVAEJfPVMyt0IpM2luByKE0g75e7xYIZkGg16esprMYfmO9xEOeliZNlq-N2zTVel1NG-sTZElgO5DZKbelBQ3qzpIlCzEHJCGKBq6ZtBHCBeXbw0ZRMAkqGXfON17ZOxaf-FbWk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
31071da207fe9b679c48a7b112450a31aa97e1ffc22a0599c79fb87f247ef322

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=xhrhPNasnl6UQcW46sXSX9o1BuCcjOUK-6UXFOg1nWgueK45AgUpWub737sGT0XyQxTTRdsUUwlTh1-w5L27_kE1X54AACClJvDs86JRknOXbe69KJuCmM-ytX1YiY61eLEPr7go7QJJH_0QnULoCaqLrgwMDa8mkI4msVTOLLvsmp-yoCikXpokPiZSzacttM9CWkmBNk6ANwKoKmC1lYBclmVWQclEcqKQe0zKxtI9NJ4nMeUFdBmN1RL61cc1MkpZJ-GThCeCb-JZk2e1U6yemdTTdmPhomkUx55rtf-dhGKDYtVJ5zUszeMd1yOUfuNTgNFmPY1McL0HIr3dFOdr-kuHMRB7byqSnLZoAW1iEiOnK5GkE8Wrg2lUjrB1ep-HndTLmM_AVOrgqnrH83i4XGD8hdkW146n0QW5ekH8PaloSXaI3wIio1km_pH-Hc6cYG4VdzLE_OVTYrLO-mp-WS__bdPdrTjbpRntr4RqZblL6GPpHw_Rr9beNlaZVYT5sbruY4fSDwoyuFxlF_sypBm8hjN3rHxDZgEIspPH-mkBVAEJfPVMyt0IpM2luByKE0g75e7xYIZkGg16esprMYfmO9xEOeliZNlq-N2zTVel1NG-sTZElgO5DZKbelBQ3qzpIlCzEHJCGKBq6ZtBHCBeXbw0ZRMAkqGXfON17ZOxaf-FbWk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:35:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605358a8a3093b7404578b78d9640b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:35:59 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:35:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
392f0fc5ce63e60f2db3d0da8d019c5e6ca2015f9600a9dfa9179e6d84701a69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=44NcEc_-jqsLDnfDfwxul-c45lRpWGRp6MXmO6ohUu0b3ga5nX3iAOBKve4mE65-cCMZG4Lu_878V6U7z-ivghWUZGUgbmqcPZGbjclhgePxkdpZDYrlWsvE5UkaT7LCfot5GuPz4pYyrsziH7cyI2KrjJw20qC3_o0Vw5l2WeGVPxeUT9xBKpi0S8FWdrF-cym7sbkSa8Aa2ArTF2xAT5gaZ4U7iRHJ0SLk-9nR5DKOSoqLhUj-lSpDHGCkl1LAB1OtiBRiJDqlAC_y5nkB0Z9t74XmUvkolUXNWBxltPOYTzij7bqQ94n-sduBIxfdhecDyGmHbuhkuPuWwA8zyPR3tNvb025CzyJ_TYbsA4OBBLwaLFtegPwjnd9N-qosjWrSFrzgJLh6IKW-f-44ncJsH90_4HMa3CPoFnlXYXB1lYWyTrIkuIDkobcVUcKg3uqzjL79P7ywjnXx0CTy-uTQC1zJcjqnmOD-M-8af0V3p7HhrKHs4C4VwB-KqeGMsu7vqUlQ02ofSA6ardFeiSGa0I9qENswFwUuV3AbDWoWgTOPdH4W_y04AXLNGWwEGMrfOUwyudcOy0q38JLGKFMuoY7kb0PybwPI2K5O0A2iSa_6Zg0XWDxWTF8usDi2o5SwMxmsGZOua3ka26uI7jOE0lUGTqY0eL7_yrkWhNzTtqU5PcQ0Lr8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
851bfa395b31d287eabbeccbf7a7b5d6fc0f7db1fa0917d62ade7499f48f3bbf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=44NcEc_-jqsLDnfDfwxul-c45lRpWGRp6MXmO6ohUu0b3ga5nX3iAOBKve4mE65-cCMZG4Lu_878V6U7z-ivghWUZGUgbmqcPZGbjclhgePxkdpZDYrlWsvE5UkaT7LCfot5GuPz4pYyrsziH7cyI2KrjJw20qC3_o0Vw5l2WeGVPxeUT9xBKpi0S8FWdrF-cym7sbkSa8Aa2ArTF2xAT5gaZ4U7iRHJ0SLk-9nR5DKOSoqLhUj-lSpDHGCkl1LAB1OtiBRiJDqlAC_y5nkB0Z9t74XmUvkolUXNWBxltPOYTzij7bqQ94n-sduBIxfdhecDyGmHbuhkuPuWwA8zyPR3tNvb025CzyJ_TYbsA4OBBLwaLFtegPwjnd9N-qosjWrSFrzgJLh6IKW-f-44ncJsH90_4HMa3CPoFnlXYXB1lYWyTrIkuIDkobcVUcKg3uqzjL79P7ywjnXx0CTy-uTQC1zJcjqnmOD-M-8af0V3p7HhrKHs4C4VwB-KqeGMsu7vqUlQ02ofSA6ardFeiSGa0I9qENswFwUuV3AbDWoWgTOPdH4W_y04AXLNGWwEGMrfOUwyudcOy0q38JLGKFMuoY7kb0PybwPI2K5O0A2iSa_6Zg0XWDxWTF8usDi2o5SwMxmsGZOua3ka26uI7jOE0lUGTqY0eL7_yrkWhNzTtqU5PcQ0Lr8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=44NcEc_-jqsLDnfDfwxul-c45lRpWGRp6MXmO6ohUu0b3ga5nX3iAOBKve4mE65-cCMZG4Lu_878V6U7z-ivghWUZGUgbmqcPZGbjclhgePxkdpZDYrlWsvE5UkaT7LCfot5GuPz4pYyrsziH7cyI2KrjJw20qC3_o0Vw5l2WeGVPxeUT9xBKpi0S8FWdrF-cym7sbkSa8Aa2ArTF2xAT5gaZ4U7iRHJ0SLk-9nR5DKOSoqLhUj-lSpDHGCkl1LAB1OtiBRiJDqlAC_y5nkB0Z9t74XmUvkolUXNWBxltPOYTzij7bqQ94n-sduBIxfdhecDyGmHbuhkuPuWwA8zyPR3tNvb025CzyJ_TYbsA4OBBLwaLFtegPwjnd9N-qosjWrSFrzgJLh6IKW-f-44ncJsH90_4HMa3CPoFnlXYXB1lYWyTrIkuIDkobcVUcKg3uqzjL79P7ywjnXx0CTy-uTQC1zJcjqnmOD-M-8af0V3p7HhrKHs4C4VwB-KqeGMsu7vqUlQ02ofSA6ardFeiSGa0I9qENswFwUuV3AbDWoWgTOPdH4W_y04AXLNGWwEGMrfOUwyudcOy0q38JLGKFMuoY7kb0PybwPI2K5O0A2iSa_6Zg0XWDxWTF8usDi2o5SwMxmsGZOua3ka26uI7jOE0lUGTqY0eL7_yrkWhNzTtqU5PcQ0Lr8=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=44NcEc_-jqsLDnfDfwxul-c45lRpWGRp6MXmO6ohUu0b3ga5nX3iAOBKve4mE65-cCMZG4Lu_878V6U7z-ivghWUZGUgbmqcPZGbjclhgePxkdpZDYrlWsvE5UkaT7LCfot5GuPz4pYyrsziH7cyI2KrjJw20qC3_o0Vw5l2WeGVPxeUT9xBKpi0S8FWdrF-cym7sbkSa8Aa2ArTF2xAT5gaZ4U7iRHJ0SLk-9nR5DKOSoqLhUj-lSpDHGCkl1LAB1OtiBRiJDqlAC_y5nkB0Z9t74XmUvkolUXNWBxltPOYTzij7bqQ94n-sduBIxfdhecDyGmHbuhkuPuWwA8zyPR3tNvb025CzyJ_TYbsA4OBBLwaLFtegPwjnd9N-qosjWrSFrzgJLh6IKW-f-44ncJsH90_4HMa3CPoFnlXYXB1lYWyTrIkuIDkobcVUcKg3uqzjL79P7ywjnXx0CTy-uTQC1zJcjqnmOD-M-8af0V3p7HhrKHs4C4VwB-KqeGMsu7vqUlQ02ofSA6ardFeiSGa0I9qENswFwUuV3AbDWoWgTOPdH4W_y04AXLNGWwEGMrfOUwyudcOy0q38JLGKFMuoY7kb0PybwPI2K5O0A2iSa_6Zg0XWDxWTF8usDi2o5SwMxmsGZOua3ka26uI7jOE0lUGTqY0eL7_yrkWhNzTtqU5PcQ0Lr8=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536d5769879c1db4833a15090e18c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9942856fd9d480692b98e3cadd56d973fe796093b5c6ba6f6f8a78aaecd42856

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=xhHV1DYS-0bWeqB-ETjc6NXcBE6NpejRasTX9weEEcq9ZJ12MI9P5_WQieMcfgEScGAG3dtHPKnLX_bPysNUp85CWdReh1k392sxrj-hv9iJLV5M8asKjiad443tyIJVMsr9bx6K9I0VDHLT5EZubaB1iCUIBCekCGhIzmM8kLdUUaT_vUcCI1Pq_CFHVuNTDhgNjcRcBHX98T_j-BgLFgXZ-ZwnvOH_I24EK4U1BCUTmhXBfH1jScucdTcpV3YRJToHYrmum_l1d7AnXaUYTCbqhIeitoHkaqIM-OjCJQNHQbrvv34K_R8MZn-teW_4MySIXn082ma_fwBvKZ0nXQEPLhmflrh6r0738OpSPkddMphXrBYtfZWKK63HesyXJMEHKvvWiDqwcJRI2zpGpVkQ-DCZkg6h03jWyCZrzUYXRhZmShGHdgtYgHL1wyVoknS4-oNYAnPOJPDVK3jOpuXtidkXqkbsr5KaPQRO-DZwH08WWSGea2UOBT8EKiST4iuH0DgvdBmYzIzN_hseyJaecSv6Dx5nPsf8nVA8Krw1NKrjOWakd7gfjmUtgoMjzCPR-FebiT0IqaN6h0kEusfo_NWy-XYQDN3cJep4JFN87hdhZnRqWPpZjQ4v8XxqrH5QDTj2Czn4Cb6k95DOf7kpfunWLE8BjP2pfdxORiAOPFOWjCsBYHs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2584ef78da9d2d6e269fa019d66f0e7efb3bca4390e263b0930421626c9e8d2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=xhHV1DYS-0bWeqB-ETjc6NXcBE6NpejRasTX9weEEcq9ZJ12MI9P5_WQieMcfgEScGAG3dtHPKnLX_bPysNUp85CWdReh1k392sxrj-hv9iJLV5M8asKjiad443tyIJVMsr9bx6K9I0VDHLT5EZubaB1iCUIBCekCGhIzmM8kLdUUaT_vUcCI1Pq_CFHVuNTDhgNjcRcBHX98T_j-BgLFgXZ-ZwnvOH_I24EK4U1BCUTmhXBfH1jScucdTcpV3YRJToHYrmum_l1d7AnXaUYTCbqhIeitoHkaqIM-OjCJQNHQbrvv34K_R8MZn-teW_4MySIXn082ma_fwBvKZ0nXQEPLhmflrh6r0738OpSPkddMphXrBYtfZWKK63HesyXJMEHKvvWiDqwcJRI2zpGpVkQ-DCZkg6h03jWyCZrzUYXRhZmShGHdgtYgHL1wyVoknS4-oNYAnPOJPDVK3jOpuXtidkXqkbsr5KaPQRO-DZwH08WWSGea2UOBT8EKiST4iuH0DgvdBmYzIzN_hseyJaecSv6Dx5nPsf8nVA8Krw1NKrjOWakd7gfjmUtgoMjzCPR-FebiT0IqaN6h0kEusfo_NWy-XYQDN3cJep4JFN87hdhZnRqWPpZjQ4v8XxqrH5QDTj2Czn4Cb6k95DOf7kpfunWLE8BjP2pfdxORiAOPFOWjCsBYHs=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605360cca4bdd14304b4f988298510b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5080c26a13d5c03573a1bb4b2db7dbe2c4303be9a014c7bf98faa8782a1d300b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z1ZsrP059Rl38imJxPdNeVu4jvcEN5hnoCqYR8Sc_5AoystVAwnSsje2MACs45cbh4gsilZcL-Z5nWLb4YuZIkFbxjI_IMkVRtnXXqdrnR5mvyGyICx-wimJZph4V7ZQy3NRSZdYVAMikTlzHl4XwudXzCn-BLYUipTJgKHbJRbxvMAcxLX6pTjSpZawOluBnzKQJSDsyhmPmwHzgJyUEtk1efBwh-_AEKjrIfwA-3pC01hfxuHFPNuOh7rsGPqkZdfJCHvSL45IEFiF2SV_m437Y6yWCZVjElNKp6ARXFWdtjwX1EDPYgXXbiZxVgRIgM02NHJqIrsc7Yx34ZwibeDGHu7ki3nu9h_KCQHIbXj1ekvASN8wO-5b_k9O5ZVDgVkJGqyZYDDB7DMkKV-dJjumF5VVvv_HLEc5DjOxZz-fHHSVb3qONMABIryLSkhYBj4DYkbB6T_MB-NuKX7n7XvNJLA9QKqnPx3AEVWoTy_z2JgpAGRjOBq_DEsQARE7q3B4H0LVV2eC7b8aL8460jCEWCsLmPZuP0kI7BkEl2aa3mTWs3FHErG4hccvyTa-rpIm9o_jwshYWiZt8d4iaMofp6RW1uHV_5HYKcySbHvNEWE5R2Vpctz1NH8p6HZJkuD0kGFsXMUenRXHcztZhrsk6gcvBWJ1t40pgYT9AsCLzYnLlEt4UVw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2027fd64836483756fb6ea2e9acc4652f86f0e54d75433cd269c617a7e5a8bc5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z1ZsrP059Rl38imJxPdNeVu4jvcEN5hnoCqYR8Sc_5AoystVAwnSsje2MACs45cbh4gsilZcL-Z5nWLb4YuZIkFbxjI_IMkVRtnXXqdrnR5mvyGyICx-wimJZph4V7ZQy3NRSZdYVAMikTlzHl4XwudXzCn-BLYUipTJgKHbJRbxvMAcxLX6pTjSpZawOluBnzKQJSDsyhmPmwHzgJyUEtk1efBwh-_AEKjrIfwA-3pC01hfxuHFPNuOh7rsGPqkZdfJCHvSL45IEFiF2SV_m437Y6yWCZVjElNKp6ARXFWdtjwX1EDPYgXXbiZxVgRIgM02NHJqIrsc7Yx34ZwibeDGHu7ki3nu9h_KCQHIbXj1ekvASN8wO-5b_k9O5ZVDgVkJGqyZYDDB7DMkKV-dJjumF5VVvv_HLEc5DjOxZz-fHHSVb3qONMABIryLSkhYBj4DYkbB6T_MB-NuKX7n7XvNJLA9QKqnPx3AEVWoTy_z2JgpAGRjOBq_DEsQARE7q3B4H0LVV2eC7b8aL8460jCEWCsLmPZuP0kI7BkEl2aa3mTWs3FHErG4hccvyTa-rpIm9o_jwshYWiZt8d4iaMofp6RW1uHV_5HYKcySbHvNEWE5R2Vpctz1NH8p6HZJkuD0kGFsXMUenRXHcztZhrsk6gcvBWJ1t40pgYT9AsCLzYnLlEt4UVw=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605367f9639040a184b4a8115d8eeb3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b63e830dfe35e4e54bbddf4490e0b050498c11312212f8ddedebc8f7b43aebed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=V8700Pzb4NdIuRGyOXvtXokRALr2ojja8Swx4b3kJepPPFxMWG_Ila_PxZgs_1tBJmsjGqYBX88mDdUJrtkDNMgHQWSit9wbVuFYr-z0Y7FkG2cHk_BvAHj8nLLvJkpDj9hmzR9uEw9rUJiondIGnml_eCB3X2TXffYLIxgm3IRD8DoU0i-sPa_b-m9imG8YbJ5KzpOv6y1TmxwpiZ4a-NxLTWF8k57qOQ0N8h7PRzvLK5hg_K3jvBVvfQKwobsVLUlwftAJff8gbb4QFyWLwfH5YX_HC1vVlEytIV_P5mon4ljJYlcemMJd4voCXrCisO5uKOWWzPOHHlzT-a-8sufqM5AlHvwWp7qnKGX5HWw9smVDG26cB_J8CLMbRPMwCKN0PzLpASGPOcr0msbuf51jEyZKO3qQwuwBTl_ObVzR8Ajj6BMBEltGeQ2Mbog1KOkhiQs7doqltscxew4vDJemVcc9JpFdQZd6lgL4kEPXjnkh7a2ZY-raaPqMFgqDJCM5a58ljZ8er0-puZPvFyceU2moSXB2s-6FsTHVKOUlu55MKG77gLG6oV2Z9BhGK-ZUSABoXZqD3Agwi8k7OFt6792E06RQaNry5xQiDUZjRkaG-WLRDU8zelP5FVXOwsUj0x6SMhGQmvPhGjz1_eAhesSDQtq2dIKiNaXqnnG7lZE6ap208BM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0309d56b4bf8772a7355d29e3493c75f2b6019ca88b7e3b033476a5d92c843cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=V8700Pzb4NdIuRGyOXvtXokRALr2ojja8Swx4b3kJepPPFxMWG_Ila_PxZgs_1tBJmsjGqYBX88mDdUJrtkDNMgHQWSit9wbVuFYr-z0Y7FkG2cHk_BvAHj8nLLvJkpDj9hmzR9uEw9rUJiondIGnml_eCB3X2TXffYLIxgm3IRD8DoU0i-sPa_b-m9imG8YbJ5KzpOv6y1TmxwpiZ4a-NxLTWF8k57qOQ0N8h7PRzvLK5hg_K3jvBVvfQKwobsVLUlwftAJff8gbb4QFyWLwfH5YX_HC1vVlEytIV_P5mon4ljJYlcemMJd4voCXrCisO5uKOWWzPOHHlzT-a-8sufqM5AlHvwWp7qnKGX5HWw9smVDG26cB_J8CLMbRPMwCKN0PzLpASGPOcr0msbuf51jEyZKO3qQwuwBTl_ObVzR8Ajj6BMBEltGeQ2Mbog1KOkhiQs7doqltscxew4vDJemVcc9JpFdQZd6lgL4kEPXjnkh7a2ZY-raaPqMFgqDJCM5a58ljZ8er0-puZPvFyceU2moSXB2s-6FsTHVKOUlu55MKG77gLG6oV2Z9BhGK-ZUSABoXZqD3Agwi8k7OFt6792E06RQaNry5xQiDUZjRkaG-WLRDU8zelP5FVXOwsUj0x6SMhGQmvPhGjz1_eAhesSDQtq2dIKiNaXqnnG7lZE6ap208BM=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21111605367d6fd5595193491aa89444bf5e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
644fcc8f041f7765022b014adba25baa4c8c55d29e67663540061165920078ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:00 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z9ToOJM70vTC3CdpAd-CThzUK7Td0efKPHG8COhfkB6A-e1_DbjbOTRjduKvoQS-Dd5s8eDk-QmLZyDOHhqqQB7_5YrKdHFdZyIqOiBVEXEqqqeLk-nSvV_tm7qleLqPsFbxhHqOpj4ZZ_6RgCFpKPZ-WXVpgAB-yNd30k1nN1NJY9ALewzDJVw80jhAQyweANPA7ws0VVRVCwl1ph_OJRacrAo0-ZHxA3I1td-2LiFK1_GI1djhJN4yXeO99GJWDc7wNp9caSUVOqToMRDSNbk-gP0qrI_-O2j2A_9Q9Ac_eTS9_qG0ESgPqznD3a3ESwNswmUu042Hi5vslqsQbZaHb7qxqMo6CuYcEMWIrkTT9mRO54mio3phNvtwlDGj2_xzQ4pC_78cTYl1i8l_HRpvPD6XwFx5iB9CkV1OHL-QL1ga3ENQ5-IHINiMiDQDVD4QV3jbSk3q3JtfaEeeQimx4FJ3zy34x_Ql-KIZ1hJem5vSeDPXfcblGVxfdb_R1l1nSqrFcHFNVX899hxzXCWpAtyTT669CFKnIxFhiALBLWmLEfmK4MlaMQuDQLxuayKSG6nu4FM-I-tHeTAT_S9SndS1FI7l6oBBp69_FrVZ8Dl29jhyliOSGh7TUMmgsWxFbzLM1QZHSxJI-muOUi13vmd6uUaq342LYOX9OXR4nTPphUJpgqk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
08b2fb7129438105e3ec8124868d6d0aab29358ddb396af7967c16b97a7df3ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z9ToOJM70vTC3CdpAd-CThzUK7Td0efKPHG8COhfkB6A-e1_DbjbOTRjduKvoQS-Dd5s8eDk-QmLZyDOHhqqQB7_5YrKdHFdZyIqOiBVEXEqqqeLk-nSvV_tm7qleLqPsFbxhHqOpj4ZZ_6RgCFpKPZ-WXVpgAB-yNd30k1nN1NJY9ALewzDJVw80jhAQyweANPA7ws0VVRVCwl1ph_OJRacrAo0-ZHxA3I1td-2LiFK1_GI1djhJN4yXeO99GJWDc7wNp9caSUVOqToMRDSNbk-gP0qrI_-O2j2A_9Q9Ac_eTS9_qG0ESgPqznD3a3ESwNswmUu042Hi5vslqsQbZaHb7qxqMo6CuYcEMWIrkTT9mRO54mio3phNvtwlDGj2_xzQ4pC_78cTYl1i8l_HRpvPD6XwFx5iB9CkV1OHL-QL1ga3ENQ5-IHINiMiDQDVD4QV3jbSk3q3JtfaEeeQimx4FJ3zy34x_Ql-KIZ1hJem5vSeDPXfcblGVxfdb_R1l1nSqrFcHFNVX899hxzXCWpAtyTT669CFKnIxFhiALBLWmLEfmK4MlaMQuDQLxuayKSG6nu4FM-I-tHeTAT_S9SndS1FI7l6oBBp69_FrVZ8Dl29jhyliOSGh7TUMmgsWxFbzLM1QZHSxJI-muOUi13vmd6uUaq342LYOX9OXR4nTPphUJpgqk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z9ToOJM70vTC3CdpAd-CThzUK7Td0efKPHG8COhfkB6A-e1_DbjbOTRjduKvoQS-Dd5s8eDk-QmLZyDOHhqqQB7_5YrKdHFdZyIqOiBVEXEqqqeLk-nSvV_tm7qleLqPsFbxhHqOpj4ZZ_6RgCFpKPZ-WXVpgAB-yNd30k1nN1NJY9ALewzDJVw80jhAQyweANPA7ws0VVRVCwl1ph_OJRacrAo0-ZHxA3I1td-2LiFK1_GI1djhJN4yXeO99GJWDc7wNp9caSUVOqToMRDSNbk-gP0qrI_-O2j2A_9Q9Ac_eTS9_qG0ESgPqznD3a3ESwNswmUu042Hi5vslqsQbZaHb7qxqMo6CuYcEMWIrkTT9mRO54mio3phNvtwlDGj2_xzQ4pC_78cTYl1i8l_HRpvPD6XwFx5iB9CkV1OHL-QL1ga3ENQ5-IHINiMiDQDVD4QV3jbSk3q3JtfaEeeQimx4FJ3zy34x_Ql-KIZ1hJem5vSeDPXfcblGVxfdb_R1l1nSqrFcHFNVX899hxzXCWpAtyTT669CFKnIxFhiALBLWmLEfmK4MlaMQuDQLxuayKSG6nu4FM-I-tHeTAT_S9SndS1FI7l6oBBp69_FrVZ8Dl29jhyliOSGh7TUMmgsWxFbzLM1QZHSxJI-muOUi13vmd6uUaq342LYOX9OXR4nTPphUJpgqk=
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z9ToOJM70vTC3CdpAd-CThzUK7Td0efKPHG8COhfkB6A-e1_DbjbOTRjduKvoQS-Dd5s8eDk-QmLZyDOHhqqQB7_5YrKdHFdZyIqOiBVEXEqqqeLk-nSvV_tm7qleLqPsFbxhHqOpj4ZZ_6RgCFpKPZ-WXVpgAB-yNd30k1nN1NJY9ALewzDJVw80jhAQyweANPA7ws0VVRVCwl1ph_OJRacrAo0-ZHxA3I1td-2LiFK1_GI1djhJN4yXeO99GJWDc7wNp9caSUVOqToMRDSNbk-gP0qrI_-O2j2A_9Q9Ac_eTS9_qG0ESgPqznD3a3ESwNswmUu042Hi5vslqsQbZaHb7qxqMo6CuYcEMWIrkTT9mRO54mio3phNvtwlDGj2_xzQ4pC_78cTYl1i8l_HRpvPD6XwFx5iB9CkV1OHL-QL1ga3ENQ5-IHINiMiDQDVD4QV3jbSk3q3JtfaEeeQimx4FJ3zy34x_Ql-KIZ1hJem5vSeDPXfcblGVxfdb_R1l1nSqrFcHFNVX899hxzXCWpAtyTT669CFKnIxFhiALBLWmLEfmK4MlaMQuDQLxuayKSG6nu4FM-I-tHeTAT_S9SndS1FI7l6oBBp69_FrVZ8Dl29jhyliOSGh7TUMmgsWxFbzLM1QZHSxJI-muOUi13vmd6uUaq342LYOX9OXR4nTPphUJpgqk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2111160536dfdda1a5d17e4839bcdf566c14&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
07f747ba654042568463284f57b19be4e0463c20a5319b204c9a1854d419feb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=UIWALQaaMYfaQXG0OHnIxh2nrrmuT09RJhF0RRlpxSWMNZS_3loDZA3b0XfdmdGctw3mxU_lbFr-Pz68G8zX1d2JZGEcNlgWCAWFCXknHz0wOVQQaA4llB4XiH6kdH8tnnrOfZo7O7kQBM68Eri8PopzWL2Bk10OVZJNBHErbhWwXxp4Bd9x3MgZKffDrhjPB7LasXwI4eNw2MjUiuPGqVeCc820_QGN1Lh0UePmgRbibpNd7FqW3rT0VlA-B3HRvhX2bYbxcub11d7wQvIklf6xLScBEgvsg5NZmll5fuGki9er_JL_e8GICbP4ptrKInnLaCs7FfHlPpjaWloGim2j9vkKsvsoq9rMJhJM-lezI9GTqyqjtRyYlLrhZcW6pHw66Koib_2dfWyge4N7J6HvWMOF6qOwNpPlhgEL9aXCuPr2oVHVRp9xpeWF7pKUttx1JIQfRDIfQvK34GGVLNdTu9MopiTi2sC2quyIaFLa2KvbckSStQjNtb51kU1yBTRMnMJyqcSSgMXR84Gdueg9ciWlCrFe5bQVsg_LEUpwKyHFfaEManKg0bPS0419bP6v9oHn42kc3QacbTwWYTyKDMjRx8fSqH6aQrMEqCd9EeckTA4qCmOqvfDNTcE46YdbU7L66RB9JRRxjq9zfdXUOVups_E0VsTrcfC8_MfNeFAAnuEA4-Q=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
444516359b1a965c35e98aa98f39ddc53d6cce7dfb7dc8fe0db24335eaa83f29

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=UIWALQaaMYfaQXG0OHnIxh2nrrmuT09RJhF0RRlpxSWMNZS_3loDZA3b0XfdmdGctw3mxU_lbFr-Pz68G8zX1d2JZGEcNlgWCAWFCXknHz0wOVQQaA4llB4XiH6kdH8tnnrOfZo7O7kQBM68Eri8PopzWL2Bk10OVZJNBHErbhWwXxp4Bd9x3MgZKffDrhjPB7LasXwI4eNw2MjUiuPGqVeCc820_QGN1Lh0UePmgRbibpNd7FqW3rT0VlA-B3HRvhX2bYbxcub11d7wQvIklf6xLScBEgvsg5NZmll5fuGki9er_JL_e8GICbP4ptrKInnLaCs7FfHlPpjaWloGim2j9vkKsvsoq9rMJhJM-lezI9GTqyqjtRyYlLrhZcW6pHw66Koib_2dfWyge4N7J6HvWMOF6qOwNpPlhgEL9aXCuPr2oVHVRp9xpeWF7pKUttx1JIQfRDIfQvK34GGVLNdTu9MopiTi2sC2quyIaFLa2KvbckSStQjNtb51kU1yBTRMnMJyqcSSgMXR84Gdueg9ciWlCrFe5bQVsg_LEUpwKyHFfaEManKg0bPS0419bP6v9oHn42kc3QacbTwWYTyKDMjRx8fSqH6aQrMEqCd9EeckTA4qCmOqvfDNTcE46YdbU7L66RB9JRRxjq9zfdXUOVups_E0VsTrcfC8_MfNeFAAnuEA4-Q=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536ff89a1bfd14647f0a6af168c83&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0e05f4004430d9af81955e533385ec4d1386232194f0a75d1733ddbaecc4e95e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=6suHxVQhH1x_drvmBiGR9HWMukOj3e9TRspSfPwUbp313qrwXtKkgC0w3lW3kEC8M8Zck2VHDteoEj1dJVT7puKKeGFaTP9O4MBblf8b-01UZgMccKibD44v02pT3iSjdV6e-Xi_h-ezFnQKbMVK-7rfpeenpAQTXW4A3lZukMGWlVA_DfzK5kUGDrFxgkYJA-5qYcgtQnH6d2REFlQzNZG6XW20K_pZ8EIHMdIJiKzguyLMnbgCX20rjIAragGn5Xzq34Y-1CyFaFCbu7ZRUvPnEPpeL9SQyuYJ5OZx-iKag4GRYaNssuh-rfAtifVx42fxTIU0FnkbLgmt251gcjWu7WJoJNv44Pwp3OwsLfiw9KkJ_jo-iDaqgZaR_9c-_c2mNNVQL9sIXgOrHoA7rJvkjNtgxsysHXWnCQzX0Gtes9Jelwj_CGpCaPBitt10sHYXnAdcFXmEhcZwomgFjRxJZhhbaa1PgvxcUL1B8CNCVUKooTOYkY8zSf7jqMPcMj6Dm0fKi3-7acER9ZLuWTwvOxG-gbbpK7QcxN0xL30Rr62UZmFcnSH3hHB76y_GEjyrmmF7lrPxwmgIDmJ04Hb0WRusKByq3sQ060X-AgMLHr2JbJNfr5A7_PTPPdBDPqcfyCD2qGMVDQmLHmaYbJtjc5DhcvANYZL00kK0xO3L49XpAUuPwKk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9b2a643f7037a63a4b0fa8673e44166d30265bda52fd5dce6c3d1bb5c35c6657

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=6suHxVQhH1x_drvmBiGR9HWMukOj3e9TRspSfPwUbp313qrwXtKkgC0w3lW3kEC8M8Zck2VHDteoEj1dJVT7puKKeGFaTP9O4MBblf8b-01UZgMccKibD44v02pT3iSjdV6e-Xi_h-ezFnQKbMVK-7rfpeenpAQTXW4A3lZukMGWlVA_DfzK5kUGDrFxgkYJA-5qYcgtQnH6d2REFlQzNZG6XW20K_pZ8EIHMdIJiKzguyLMnbgCX20rjIAragGn5Xzq34Y-1CyFaFCbu7ZRUvPnEPpeL9SQyuYJ5OZx-iKag4GRYaNssuh-rfAtifVx42fxTIU0FnkbLgmt251gcjWu7WJoJNv44Pwp3OwsLfiw9KkJ_jo-iDaqgZaR_9c-_c2mNNVQL9sIXgOrHoA7rJvkjNtgxsysHXWnCQzX0Gtes9Jelwj_CGpCaPBitt10sHYXnAdcFXmEhcZwomgFjRxJZhhbaa1PgvxcUL1B8CNCVUKooTOYkY8zSf7jqMPcMj6Dm0fKi3-7acER9ZLuWTwvOxG-gbbpK7QcxN0xL30Rr62UZmFcnSH3hHB76y_GEjyrmmF7lrPxwmgIDmJ04Hb0WRusKByq3sQ060X-AgMLHr2JbJNfr5A7_PTPPdBDPqcfyCD2qGMVDQmLHmaYbJtjc5DhcvANYZL00kK0xO3L49XpAUuPwKk=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605368dcc00dbaf11450eafcc5c6032&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0c354acd4b959676dc4d1fb35aa725c9a6b8877bbdb1c734b8a10a1ecbabded5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=Q-oj8Jz-tQg4XrvynQ10IyVImupDpq8p8wkEcpOEoyuJBq8MHXYaXQk_Y9LB3jDHKQ-ni7A6C4ZR9oQVwBe-JmDNgPsNgxuRbYjw4_eV0P6Dw8X7FYWYEn5MoVC6mb61CAToGICjMgbAZVK2jffp6i2IbyMQeDqwuXOkdMWED7rXfd3MStOAukfjc1SbH4Hcp22sqrYo9lw8wzdtpKb-0T4vmbWe3l-ume2VVX9aXT2TqOfH2-56IURRDeA5UZTJgH1aNLrx93R_PE6GbIHqMPONfzoaxL5-HTfO5F8FnKIUCe2eOLzySUflDMR1Y7ZCmbmGV1Isc1m19Oqx9RGdbZ9-IuvR2X5KSCm8RLTjYPcU3cLlhWvOxtiNA7YYgbkfle83Avad6XxCQmM-kM-GQ7BnV6MpAmUNaULOiJMszp58mPoRe32x1qzLfq_SBWf5EGJ0kzAt8jC2IyoYSQBXz-G8BFjzRhVATprM3VmtFkrnTyVv60Djc-He70LtaCEJHoMXvW6sJ0VkfT3ipvCOe_FlDST00hTiyg2NJxx_tGdJOmX4k5PGvujUcSYrajwpDltkFvxQIzNjnuE3IMT82eoqiAMqXlSDXSOzMcDH_YGfUb3-lT6LCCy8RBjzhUnc1MSdPYnH34vgCGqsRT7u3IygeN6aJhNIPHmcauqk8NtO0YupvlyhFr0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=Q-oj8Jz-tQg4XrvynQ10IyVImupDpq8p8wkEcpOEoyuJBq8MHXYaXQk_Y9LB3jDHKQ-ni7A6C4ZR9oQVwBe-JmDNgPsNgxuRbYjw4_eV0P6Dw8X7FYWYEn5MoVC6mb61CAToGICjMgbAZVK2jffp6i2IbyMQeDqwuXOkdMWED7rXfd3MStOAukfjc1SbH4Hcp22sqrYo9lw8wzdtpKb-0T4vmbWe3l-ume2VVX9aXT2TqOfH2-56IURRDeA5UZTJgH1aNLrx93R_PE6GbIHqMPONfzoaxL5-HTfO5F8FnKIUCe2eOLzySUflDMR1Y7ZCmbmGV1Isc1m19Oqx9RGdbZ9-IuvR2X5KSCm8RLTjYPcU3cLlhWvOxtiNA7YYgbkfle83Avad6XxCQmM-kM-GQ7BnV6MpAmUNaULOiJMszp58mPoRe32x1qzLfq_SBWf5EGJ0kzAt8jC2IyoYSQBXz-G8BFjzRhVATprM3VmtFkrnTyVv60Djc-He70LtaCEJHoMXvW6sJ0VkfT3ipvCOe_FlDST00hTiyg2NJxx_tGdJOmX4k5PGvujUcSYrajwpDltkFvxQIzNjnuE3IMT82eoqiAMqXlSDXSOzMcDH_YGfUb3-lT6LCCy8RBjzhUnc1MSdPYnH34vgCGqsRT7u3IygeN6aJhNIPHmcauqk8NtO0YupvlyhFr0=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2111160536c55c637a352c460aa19b698b10&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
afa90472e95750689fafa404e0aca14fb3fd26d83c778045a1d1f7460ae7cd2b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:01 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=mATsZO621QpazSEN8RfL3oiY-xarSTlqBIDfiLPz_fpFOv3v3ndKUhNNkuhnYReIY96CzcWhyqASqmNqBGLiA105yUI_t10rNUkhVLewinIT1PCYV2TovjoXKoQqlvsdEOIB78RLyvDHGcXMV72pumW0JBA_PmA51KxYqwsi4vlkkbFK00SgUB4dNm3LVId6Dqrd5MsU3ur3RogiXYiQYpCTl2YODnfnOFoLjwXCA6B7bjsFkRVjxttQzHZC-XBknNljs-1B35UMjde4emHH6gG6vNVQIf8DA19urAv6l09lkI8Q0BXPG425qX4YNz1CJ4tgcGBrB3lOxwc9LIOKUpqtAFHKeV7S067EZudxokWU8FYZqBK9gC9iwEA0Y_6RtSmOXgrWPVOrdQ-tFvevuLaVjbmK_Yw3hNdxMQPm1d6o26AHWSlgQ9RaDUS4k8PP604twng5ePr6sSctorCRU7Y_jRHLPURJBu3dNIbnK03bJcI-7aOTuSmW_s1WeWj18fxXhGnQ7wzeE_M3lauox9ukzlhCsuwD76Xnti0ZQ5XLBI-6Dv-x8MkTxynKOT4eqk61B3x11Ln4jF3iR4m9DGd_VWqEBDV1qoTnJ-eaEmkLWxJRBHxStfinIAEM_ESRy7tIaQcIjB2dDs-rx7_0i1Nh43OVxX-LwxjProszozURFNxq_Vx46uI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
67e960a19b70a914447a26bbba595febc749ad267744cfe87a4c0d405e40ac54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 10:36:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
Primary Request index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=mATsZO621QpazSEN8RfL3oiY-xarSTlqBIDfiLPz_fpFOv3v3ndKUhNNkuhnYReIY96CzcWhyqASqmNqBGLiA105yUI_t10rNUkhVLewinIT1PCYV2TovjoXKoQqlvsdEOIB78RLyvDHGcXMV72pumW0JBA_PmA51KxYqwsi4vlkkbFK00SgUB4dNm3LVId6Dqrd5MsU3ur3RogiXYiQYpCTl2YODnfnOFoLjwXCA6B7bjsFkRVjxttQzHZC-XBknNljs-1B35UMjde4emHH6gG6vNVQIf8DA19urAv6l09lkI8Q0BXPG425qX4YNz1CJ4tgcGBrB3lOxwc9LIOKUpqtAFHKeV7S067EZudxokWU8FYZqBK9gC9iwEA0Y_6RtSmOXgrWPVOrdQ-tFvevuLaVjbmK_Yw3hNdxMQPm1d6o26AHWSlgQ9RaDUS4k8PP604twng5ePr6sSctorCRU7Y_jRHLPURJBu3dNIbnK03bJcI-7aOTuSmW_s1WeWj18fxXhGnQ7wzeE_M3lauox9ukzlhCsuwD76Xnti0ZQ5XLBI-6Dv-x8MkTxynKOT4eqk61B3x11Ln4jF3iR4m9DGd_VWqEBDV1qoTnJ-eaEmkLWxJRBHxStfinIAEM_ESRy7tIaQcIjB2dDs-rx7_0i1Nh43OVxX-LwxjProszozURFNxq_Vx46uI=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Thu, 18 Nov 2021 10:36:02 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21111605369769e4bf6ebf4449a70deeeaed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 10:36:02 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Thu, 18 Nov 2021 10:36:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=uJPjej_d5luvPLEfqw0hdPnJgU10nZBnpa1-D-PcCSRGUR6luLEb1OW4xIk8EXvHuHHk5XaZlpV3YgxcbJAzsDc152w5bzUA-OG1O4c0Fzdx4MlZmA8fyBMGNucVuHzOKY5BqCweb9fITAeEHqLvwrsr53nc5JZevm-zPVO74cAIvGl8XeqGaBkI_WzstnRo8vbVoH6TzRexXCQUH4B7KC8e_T6Q9ZQmTX-0NTBsTe2eMYW0sPJvIBOjQScOhyGBuqVWtOvce0gtth8XdbFy0Zzzt1cr0E8D5tnW8f2SZW0pw6ZzaNrjap8Nd7UIhE5a-bow1uxOnSEjetzrYNz1M1y0XQGjz6vdq4Zebc3CvQarZ7ilcXIzkvJznYAsr5ozDBa4D_afOSdwYKtzQgk4D0BzDotAipEaaxEBB_ZAp49TM2NlrcgZkk-Cmnkx23pq__fHanM6kDNBcRbdvl8qLB1OcKq4hlGsJlYoHFE7mEvnJyzwJXIXALFCaan4e5VcaNvGHRLvfNIdoOCAup9an7koLmxhaUzvJalLbf3uU-JXifritfnuYGlMC3k4MYQs4WQG7E1W5vwUFaKSvA9zQi-OTJLdgf8WFJiNaaoqFuMci38NWGFbB79gl49hZmgMXG0M5PZgjVEiar5pB4l7SkKnQEuSLWSQHQr119lvd6zT6A-eFaXH-_U=
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=74ee9eb7c63320782dfe10bc9ac4580b1637066132&psp=ly3a3YMAkMtAYCO08PLwjRn2H6ZMRAxor3FsGYZ40dkyN-hjZoYUtXnh5xhFiJ1QXSCcDutPXfE_0oCu0bp_rooTvBC0Q1mtG36uxFX_JvTiQ8JU2TIl7OU-jh0oYvnTAPTNEbv3yVbQggtceCNU2-6dwB8ancfGQ_WFqec3wsrInjDBmAYZnrgG2hNkE8ZrpweyXDZes9kD6MwlqQxuYG_vTalQeSDh_4ddTTtu2BrNBTJMLBs1JvSobqntpYPpSbtB4zQEa1X6I4HQn6SOpvWovEI-RyKn4UJIAKXTMkpVf_bqpp-zEZVFgPzMJeMTKRC9vqS90zlUoqju0Kn6TKU27sVwyrxjI2ESe9szr9YEMJ6YN6Izr-38g5EULXZ-kKg5wAx9JxPAqTDruEncFiJfZ9Isauz5djG34VX4IesJeVVfhzCp6HcGUNw-I6gFsnmHaYGJYgRKuQ3NbDNibIEMXmY2Da1OhOImaxZSV9DioEi9NAGXePONWlW09GO1HTLPLilp5Msm1Y8O4LE0TQWGF1VcfrWs7MpFAptQ3BiqEircxKIIjUhkvyob53N02yXButd2S9LiQzJW4C4LsfU685x3RN4EIknToLh64zS9OBvY-UrTpbj1U5HOFvECYmzA6_zPussEZcYlu7RdEWpsAhdYOix_CmS_CxcloA7d3aJwfxQkpMQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=yuKh0Jy8IOW2Sh3SMFnZfwBya8IcR7p6VQq--ZYGkOXruK_dOl0tirIej56S2U-oqbcpj_DugZBdfcYHGwITz1MqgUzMbgifJJeg88tIcjojCuXsRcMeQnQTNHXUTKs6BfaXowudRySNPMtkaIVa_uFrGWK6af0HBnGLD_2y_v7NaTG_kZkEALgtXK1Asd4yl92PZaU2o8g-JxLm1uKtA0aTit3eeJW3T_BQ4Z2Bbfnaw1WkvWvdgkFFUW-R8Ruk3doHI1f6_p2Ahq060tCMkLb6ge7UVBjA11IrkMxJRwp_eDnD2AhzqNOxMjag76YaPCTgNr_D73IycYRswwqJgxrdsq_RxLkEs6CwKIkso5AV9QiNLpaRcUjXyAP0oYzIaWUz2jjOvcUfxEb0mwvlmuSp-STcm4jWv9TvEj1rxQcIwlLzYA9_TvB0BkmgozUvnB6PDYypu_Gu2QOYCWy86-VJ5ei5WagiL0MwYAEjJotmzcFYn_43g30DOWo6saIdNvpC-bRFAg9kEkm2-LIU6yqVAgGvsXfsO1StoGyCXytkAnnGLQN_xxRwC8vJY6CRwsWaNJoRsAMiFv7fAPRbU-KaDotdwSthfkoDR_XuxJngY34hgtdHoFKPWnfX8089ZdORi6ue6yVt5TgxGw1rxZ5sRbLnxYgYgalv7rtPmrIb1LflkJj-_Nc=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=hjUkflamZQ-_8VglSAGw8NQq9DSofjRSK2WOHUfF-FFusTHEQtc3rU8pZLnZr3lNp1PbUYp3ikYzfDrMDvabeu7d7_Uu4PeUhKDUVua30TM8wMrpWMFNpMXCm5ZKdVF3rIw-x0V99mvY9JaNJI2sgLzglbD3iIxIsWPeIVqb4Ih5enmBKFGlHtQ48rDnhT8i640sNsUpGJdZG3JcRK6CtgGQRo9ZcW0je10FYoCuO9N4Q35FQ6avMt8pVV5d2ci1K3Zy8OtfiFKn6Iq5NswQBFIR2znCIP3jEaEuWtBPbVD-_tuHRMRZHHHrsncZRZtXNITlc29HzxHBQKoutiRy5cigKC38_0RCfFbQz7U-fkpsHX6AnBpp5cqxLTp_d9PtNZ2zxvE5XPsVhboRbdU6mEVac0Q0gcNGBnvsVRKHBmQ_L827pcznoAFjlLCk1gvuqUrs2fVnAih4EpgGZg4Ish5xGMJg2hUjD89szeIvwpURVqn6EDT9s_0_zYCht54U1VnBlFLzpS5eXO4vTLNGGWaG1jh30VV4p28yX6iOexj17CBWXOl7EJGzKF15Zbf-vGxxQrLvI3JoOCEulsjmAt_V2fFDYdIrkAefpKDu10EVoyLHOtEPIg2yjVWRhAMRiirYl2Bdn_McAHaBpZ-_OzaNdWwXK85JAZYEgP-2rDMg5udtN4Zd0WY=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=Y9mKqUOTlnKYD50gVMd_sGRPbiZ_VQrMgxFh8zi1qqV-QekQ01IjeRfrC-kZYpz1B5Iqwrs_xHsCyG3yKd1RAlZBJ_f0WT4sVdCNqcgPf4XHyKIxlwH3aoZHw9TEDg5gZHTTHVfkpAVptF2MH3qq4_XZRT8JsrMNSGm6mT24DsHfiLQ473YwR41JG5_xUndS0D-yUiOG3e7JgeYqwz4zk5O79Oil7MMe2TUm1SkyfZACpxv_XYE-_IMOKb0cbM0So8EspGYZvLOH4gRAcjpJfYLAIhINgjUYT0c5rk7XYbBlNVsrWFVT235XllcD4GUoQsOQjrrDAPZDq6fbH90gdqwGlt7MpJW9rRSad5CApCPeYEUqrB0n8Wm7psI320LFM85HCmnfkge_69SKNucOCf_R6S-A5QVFr46_1w_poFiNoo0HJTZLluCBTMPXIzajbCoa0pWXRGy5RwfJBUbdcSROXTu6fpg2SNeNZN3FA5wRk3L8xrT5gnK05L55IyHnUFVTONGhQBFhAF9UWdrHAgBFfJycnTSjhNXjh2Phc8pFeRhuB9bYlXauEg49stwgNMpwb5k9BHUS0AOvR8UGpXHucHzEOO961FnDp-BN7_4_JFk8f3YTRS7aryky5xaJcbe7h6PL_rKG83PJZHurqvhH1P1MMRBDJ2Y3kX4fBpu5UtfRFPts5Fg=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=I1SzTRhmVR0u_Ere0ozsORUJOnzreYhUfLc_ueeCaMz-oaWJQQj4Cm9y7sdTURvGlji4kAZChQm08WsqABm9g4zwIARG1FRTOv6Drinb1OvTONPAC9B1hJ5Nz5Ve6OoY-iTcyuKrgd6qnfIZK-xBtSvCvMgLr4N3qG6rQmMeNe6obOw62uzepMQfNiqcF1h2oGazdVAkivxAQfy00VURJJ6jpEq1A3WXhopMwXkln2pA-BNqf5lktxD1VFNOQRPyW6nZ6aLc4zHG1NJUVPZhKX_BJKcyoQ7hjxU_m5gMpujeqhFJ9x5YSyf7xP6udZqCac5MIuDowip7XHcqx62JQCPMG2mC58wfURMBSCEs9WFLUVU0rAiMA86LZek3AxfkC3m-qmeo4dIpvQmyOz71DkpNgR8_tcrG5Cba1Uf8bmo0WqUVz8uCEgpFNLhszuQVR9R-jOG16JEdvPLZygy6sn9EMyjhXyNi7XjvY4M_CsqvpjDfXFjxS5owJ_CWixoU3ws2UkDHkViNT6V9Zq4yz8ZMQw-ddgW-w5lgg65oXKlxgDhBJ5YWGAY12lrdl_wv2h42PVIA9vxm5z9GnhX4oiRxL57NbGUZG9lL_kqlBkMSkyFGHHuBB8xui55Y1AHDuDPtXWP30k0VbhIIiYrcISx2NI7_1eQ94qFPdyPpGO1SSIbZRp_8kZ8=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f5dce86721473c28efd659ec87f78f3b1637066133&psp=uXiQ9kKWvMJDl4G01vSZZpvz_X2zK-CBXaJwsVl4tO32Tn2QG3Li7RSBPCOZsO0kHa-jAFaDZUVV6-hrdpNGGFimYOxuFWw5HqROOw0Q6dTlGyRC3aWS_JYjhfW9TFvYA3wKpO3Ujwa4yjivS2hDq6oqxIKQMccSlye2Fl6RBOgzmfBJDyT1qXFXaGny5BtgQyuDgOcBbVOE2OdhYcRUn3cjaz5Zxyn2-OWf1COy5AgScs5VqyDRDi7e2Y1rGACa9aQ64nm1L75L8b4-DZvIKYHOzyKQ6dWSGsayqtNkler1PP0gHJCH3xYIt-_bVe5Ql6n1PHYsY-eWr9hYsyczaGCAGP2GoXJpJH1-rEYfInl-CItH_d69m7G8s70WjpKTltsfrfIDsWGk0qXh_iqei2QC00bFjZglcb1Khj3sBRceLOtQJh6q5VRtBLhHMGG_3UGrkTUuEgsc-aHMKLHl860svfi0SyeUk8gUmUJMbfN4Zgh1d0NsD9YNYlDA45MOZyA0CojQGVuN0G-Za8-c60ryUYMf0V4v5wbXiEviamiovOdqDldmKblf9D11-PKHDCXuS5uVhs5-sMY0BHRc4Jg3Y5eaFGOs2z6tonLrodjn6jFZdM23OQHd689LL6l3zV8oFNRLBKbmJUMuoZRGC5pRlkiF2YHaX6viOSe8ygqyKru10Tw5Hzs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=86xUYpU6xB-gthhHB4r9cTgrqzoM4NSCSoXo_QixYzaZFZIbw1X-FNEfjzVzWWSlxiZg4w0A4LvhAAr2TNBnUD-PEzDF1cHOgKpLLATI15A9CGL2nAk5CSKo2ncmg-YFosZvc3DrPvNcCIPLSlvzGO9DUiGGlkQuKUriu-6Cnfx3J2BB36mGbxW0CKn7r7qJHLgN49x8yqC0CiI00ZyQB8ItGJoT2ZUCXBzZ0jnJa6zdw34LLhKK1VHyaNSKQ_7wx9h1jWESUSZdEcN8Kl_kJVrYSuoslBeIiPWvpICb5qt-oICJ1Exy6in-vxPJzElP2z1l-cndt2bvckOrQytOqWivt-x3LoH6pvABfIFWFEAeLsoRt3T6um7eSVspxDJ9RctoL-G4P_f_sfd25p7g2UCmpjSI4UfMvoUdab5Bw3q8AByCG1MdK5BD4a3EMv5b_Hti7NdM3Rp3mAAwAOoztURlK09RbAlQc8gGMpxiEDdtf6vVHoVOcInEvSfCTnZ_lkEV2_mwdDxYyTax823Yllz_5Lu1-kXNW34XzBrbeS_1MbnT34jKCC7hVVfFycXSoAju2ffbGJUOUxzna-QlnTJ2yR9JHzIvJmrL-4BGDnOat8KuNESd_E8bIaJezuVcvgDCaV-G35JXBXGCOouJahb-Q-zQblrx5yJIEMDvA-EIKuUSlvhXvV8=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=I5YMO4KGA1A9EsRJlYr7mdjRaNjcySGsCTXAIWYPFEeQGGN2VkT44CEK6ukLfPaUlv_k4oialoU4mXhciqvp3R9WJu6Ia-cWSA0_YiH0D7Zn00xyD2_U7l3zIM4oMZzetxYmwb4R8YhSes96qLAkJCtFcRt_XsPhZ0SyZXdYGEtWISNvmNmKKFeHMjZFiipM9TtUSXWzlBfjgsty_EM_E_iVBcA6xdo5Mw3ms114cvvuaDURaoU_fBXYb3hxkb3wk7Nci-u8Swf8XJasE6rM9asYp_ZZ77g-sbbj61Hp3Nl9qa3ri-SN1R2296v-bEPMJYeFcF8s5jObSxI9eeQWheo-U0cGJ6sWdI0yGyA-bF0dnWON_yH3APal5P6G_OmPEWWo4dqVGXHndSwX_2tABRdGAKdFDlk5hS0UOD_r-6o85m8r1_l5rFhvrhUXGQX9-MYqi_xfwyQAsHgQqJaSzVlYynD_yHxXkhKz8oL2bRUSnjKzaUkbl9p8hBTRqgNyjGZ8G4kF9mLTgWmogxmznlh6qYAhZ7nbmKsiK70AvyVpK532ZYF52lpmNb4TcGG1Cj630J8cWrnTJNzBgRaKlW41RkWgbGWRnzNirrKqXjBqxmBgNp22whoZY59HuZUjoeeN8DKOpqAEp9M1cVxLsf8EgmtPKT-JfrKnsRznCgvPsxXDWEwxxfQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=j1cu_aGLUDi7fPNGInGjt6YkOAFyOEXvVVwtM2_C1HK9mAA33uma-wRpQjV2h2AUiz1Ghbyk6pLv2_cOJ9Cz4kDJV1lQVba66rgXGHOtbYmKoUHfAi63UOkIbLJINdI_rxDW04aI2lsrxZ3yKRJ_GTHjrjyxj1EKvNGQcTFGoZcSmk1rZliZCE9tpbag_INgotwc0gOVRZWt51RGz0WtBGt7NV3WyvaGqOWTiKLGb82eHtKr95SgQ-KEYkSvgTlWkb2p-J_92flNcHQQKDbOVXh3Uuv5MDg0DRnE7hNTwurBskTo6eamSD-sT4e9YesEDwsmNeg5CQ1s89wUx49nR43XrtjINEmN2pkmVWHXbSaREcNGIYVN1vc-QzNMSKZ_p6z8Nl6ypWxTXGCati0UQ1cqLPTeoNSNkloMgvXnmL99P0LTqA8qfLH0bP8vkydEgbondIGNi4VbJlxQ2a9Ewiyuh1lErK6B_ApLI_kE2jbzSDoYbxyWZgGxC9O4yrFrf9vzqOakhCp5Wrhv5buJwpYTzm7UD2gdglciyHB_tUGV9J0DhBTFy7_RAi0RA8KfQXlJ8w9MTQiftaCDINUbbKC5WLv1dDkg_L2exHg0BggK1GJmf1kXac6pGDMqAfVSWycb_WTNPcUPmWNcBST8wT0uao-dMP0ub24uBX0FoKXUGxgnvV_4M_A=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8b0b805a554942cb7c74a91a527e50d71637066134&psp=rnHxYKx9urGqM9alRFJY9HfWAMpuaSAREfTPgjR9jd38XNm_VagFKbNLLyabwYcl9kQErnj9RiUr3oJx00jHqpYoQ_GkSgXgM3MocfKRR0T26jKKOcbMXaQtKUKURODsct5KDUygwHyi_2hb3wPgjZQ4DUJNyhfagy-7Mn1gvok9sp8myIwan03o-zPX5f5bP0OVbjdjBfgXD-G8E37Nucr9wGNgiXWPEwD9tMdfre08cV6UadBXwOkrcdc5DbByVBzSydkxjnSEFC-zr2ImjkzBKunAM-YEwr3lga0K2npqFFr6Hpnobbz1-30kuJhsWr0dlv68J-zAcfZKJ5Wz6ge1WwL6jweyTlJ_55ijoT0jhpBhRFdqhy9F1o4Y1B6dtSlgesb962p-GcZvR0MvwOlY3fvi08mIKBzJp2zBmR52hCDL51LBV_Ecw5kJ1zuhTOscRYYjaGoXEHjJftwSnuXVZ4Y_iXSAYqk3trNGOis78xi2sdzNY9IXnM-Ypk3TijEjiOdYUZwHJfjCrcERQVAEWP_291qE7St_oGwI0RuPgVkmp57lAk_iMjR-8elvRMrskLSGziFzlZsAk0BXXONZfuDteSy2Y8ndEfyyNasNrX2nxe4jCYZ-FthpY7Zk3OZGDYUJaHcf4_A4lSV3c1UCjr91FFs4PUg3Sh5ueP5CymHBRAmppj0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=DOvMDrqLD4AbhobWU0NpZKjODcZBpk3uQ33xujFJyQ1WXnIG-W4BkKMPfyizJsa-UdmhoXFSIDe1HLHz1v5pRLgnKQBa8yrUM2bkPHggScRXY_kdfLXxPYiLg1X_so6qUZC8J3MzgUhgUe_iCTdErDSoPrNkfDcc9I7Vna5rgQvoXZ3H0vW8WPFfxKRVEwJQYZ7HtQewZ0xeGqgH4MNAv8XNAdiNSh3U63GrsHdIK1-eAkspsL_OvUh1jfatMfdO2yg0U-DKIJWO8O79a5k4jX2GI7Ln02BvEb3H_uPBqnm3Un_cCaYGDWzt7clp9gvuUxuXWMn1I1hjnwX-WMAHRECn8wAMGDrHeRhiJtGV8H54UztLfOVPMMBNPb5c-Cql1fCVu-TgIXTX3lx0X7ZNQW86WDYCansKcIG52N7kL9tiXk_DNhf9rTGCCyap3R7doXYAJh8gj55d4V9D8NlTOCxXe4dSuXRfPz5LAJq-djfVf85hcwlR-blRydklaqvWetKuvNBtDhOVjTe82iOTOwyaXTZvbVzdMDbN9PN0UFE4DEY1IlXhD5A-40KAloZR2puabbGcbENQIuIET_dtQy8HoocUw2eIZvVe7jC-R5AbJMuZmUghklfJn49zKQ1cTwxFNHz9cpwCq65OLucZISYnIansVE1btZro15CFslw4DbPd3mfx2-c=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=x1eq5fqGPubKdXQBL-bEasdORIzuD0UrFL2cu-9PSVyBawOg4NjPtMIO3WoE9dFZy6asOq8I7OpgRVv94hT072LMKlrXzG77hwsacwMQozeWKJ0RBrzbUyLBKs_QkTmIwPPqd_JbgmhWEQK_vS36g3T0ojL2jnsLNsqr14LYicKqKk42HKDsnUCTBL8xFFPqotl23XsDSU80bztgmpKVTOYvWcHuwB9VfBiea11RsKbz16zrrVaJiKpKA7YHoTnmFrG-uy4kJIX0ara7Y9Pgo5pmqJUP12HVaFuf-mO_nX7JDcnn_48Z8jEOmMToKZFYoQuqUfldv5-uTp8j3NPh08AmOWJaSnhZbYs0nm5lefOmXmpBezKniH1nPjXWXX-xpRD9Q_pazQ9y9rvo8LPsF_cY0Y3ZnLNVqoDOLZXchMp81s7r7d2nrjV_krVCOVhlD8CdAP2LXGIOidBDOSecU0Y9g6wGOVAjFYCn-5A4-of-Hl8Vwx2D5kCMcBPFTekRBbUeAxdrYUOKtFfPNV_fg3Bgm9PmCIete9o2jiL10t5GORpHMygTGCO1_VaY-vK4cj486m6EchrZ-ELs8cK_jM6qvYp8wFD5tWTsTAAWqYBi1APnE7avExrVpJ1zCFVL3HrNFrNDV7DZu4MiO30DatcK2x9dpgBOGL4BXiRlaThg48BsR6rv218=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=Tg4mUCw-gFKxKmtp8UhAaKcS_8MUsbiFumSuHs1jcYmzIbIkkElRbONLuDgPQas1gWX0GP6gsheSAuvwzYD1LENRj1JtUR5GMXqisrVVdpMuGfQ_ejoffEBG6kBkozvA9Kpx1arKR6DrljILBSLPDum0efhYmEgZ1sT97gj1F2bd2_cAqxfpOiwTvgyW_eEuXb4O7m22C7Ikip2CU8LQ813a2H_IP1-_IxhlEhcKBEvu693yGlxDZzU9dJ-BUS4cW-EDrqLP1eFamVR2M_xfabcm3nSW-FG_HSu1bNA7XBgMuq-CLnK8AazGERyHK8g8e4hw-ATIG97UnTyTFDOx5SKqmyV7-wLhVkzj2jNBu6lTIRFNMEEeuB9lv-lLQjmoUTOv8Zo8E7K8jzFpgyvYxoz1vpJfVQZATZf3YtDKZnm03rUaFtOggysxTqFU5hPQe9kmdhZ2o8yYGiNOtg9HcgijlzFDezd-ZuY6SUakh4NQ56arvEsz0oGgvh1pwMUrPqHX_ATH2h1JqA_edfsf9b2wwaelAni4u-rj_ohF5iuJztT34iQms1atH5ZUB6j8uVnzIUKp_YnNMGJYojtRGUDnWaISLnjrzjEB1VDQlYfxrDhfg4EQYjxncA1gEPokG4UaQpjwU1Cwxh5hRbNGI-BR-1enApiaqeVWfaK9YyJiV-iBViqFfjk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=edd280683e28c9460b46b5b87efe970e1637066135&psp=c0V4xWb2zfKhCeGouNaORHxcPc9w2X_22E7kTM-prg2OgRLXUq5eC8S6VcM_ArsR_-C9cIOKc4QdwxVSJ4e-qeTEuXN1nJQq7ikbg8OuMgkPGfd6xdJ3BnnjtVz3_j8FNjsydzr0pM4MxEOiQJvlHykMyQRz6P5sErAYyFe5gAaGXyREv1dqdNp7wxtmSh0sabqtLAYgUtLCEX9Brdasx_RYd66RG-NPnRYJEkihCzxSm8E5XOyZJSyxg0-4cfJmiO_PrxID7rqzr6twUEWx2yBGh6176IFLFnr_XYZ7A0JJYjfTHmuwJ0Liomw49SH4uKfbJtJwTQ7dVqBnG4-ehzdlCgmnPq44abRrwTPLd58brsbHe68zLfvF_kAl1AG6XC3ECZ0hltjQ3tfVzRGV_5DDdPxJSeasMtPoSZbRyYaZXUhFBhB9tieOgnntxs27_iQwssJtQXZGDhEWSDZtBLZUVMa_3Qyq0oG96LRxHQMrTLXHfsXi0QUaGHO9XZZFCt5og3rGzkkMGfF5stcOKfDvhGhN21JImhJcwqZvi-cqYDvTxA737-U7PEwCiyD89qvvpkBlaSiClokr07vumGzwqJ7vsz94JC9QtjJfwv17Ho6xQe-QNMIzns12slWAgLcWeTtebOe_DH8XU6H23-RCI5LSrU6kP41OYykesVNmgjzj6I6Uk5A=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=iHpWl2410h5oXA1UOA545fqUhxNjMiNrnNTSrcolqklzs8OmTuoBxfAVig_AeiVg20s1234QCPoUxeUKZbUzrSkmBhUW4p0fRdduOEgGTMbaM6v7g2tFQyUDzxxTp0_dfpwj_iGugnNUwA8Oap6Zu3nJPJCenNyGDok0coqlt_XXcmbM2ci0wnFgs6ooiSaOrE5JW4fHGVjHCH9svEng9-GoKp4fxglhznRQvvoTTDf6mFW8BpmGAwb8p9Bff01omvrpRon3QkDLP8jtFg3QZjFK9ivdRSFPPEA5PkHdoMYuNS3g0e15bU4J-AZsCTtDwGo0KwUTr9YlWgbUxGdHPwlLEUHqTEoci-mbRwYdX-qFKx2AHdMM825Ic78QMRCDhfQZsm4UGM1JidX08y2iT7_rE4DCv9m3I9zTNDwGrRBd7drjSag_SQm5GfIC9nQ-BNCjsDMeTbXPrjWcUhvNdFh1MUPyWtXgM9lsXAU_X8ZUBuYGn7RZheCu3eG0-rge72MIPT0h7tH35UEKYLdYgdjwNlgm32vaxbhEW_jqhXmlFIccNdwJ6aVdrkT1cmYfNNQHrtqi9C-RDqAEfB4uJh_oAcRh4qsClTrdRkdhq7UNc0BcG7YJXvvHDza7T3-d88aEqvHbuPijYxdJ4fxuhVvQnsMrEbmqCSWmhzoaJrSdtmce7fIWjNg=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=VJ0Dk1xDdTadmfWUR4hLC78OaHcK01CDgKCNkiPl78Cj2elHTXSh-XR0n9m56ymU_V_SGRSLNs4PbOkWVAF3ekKa_paNzAizS95u7I--EeQ1xnOXtTlKqtxoIeQ3x4jZIr9RJcxEPCQFXNYLRyfhXCBCCki2h6whiSzDCEeRnfI-y5e6Qw0MmwNAFj5T82bzXrLPqheR12srR-SAEDjPvpqEYNi_FHb78j7GPhWRCHQR3orU2NUZiG6AZJbCFWvLijefR4ZhESN3e-LdEo_J4FyRbU-FAFxuRYW3NXQPV_Q62VSr6Vroz9rLz1knoVS8KdpEF8yQbpG2PtL5YHTzOICAFnqOpjlPp758iX4Yrot1d712rvWwRzq9PxR3S_2HlwG6YaJE90wJ6jZCCiMaV4LNQvKk6TsGVVyuFvdQk0Mw5CVVB5Ws5hKJtQFc-xdBDAPz74gNsCckrD5WlD_QgTtvyPJFCbR5EE3VW5O4Uyq3VIVspB2AtAZKGHlCrqt-s5o_y7vM39LT-HrZjehOBs_gpZ5B3zS0GaDgOGQnAMwIAbaO7ud7ElWAbTogDeJCLmiFx815e8hhyQXbyPO1okil-VYtNzN5RkIZsvuveRlxj5Elq4iK1wPegOSjK2RHtmmHNbi5VgqutQ9apigg0Z_A-H76nXNrFe0uCtrihubU-AqDOeMlgKs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=5fab41724be7f9b47b2ae4a1d69af6421637066136&psp=3kLFM6lssoFSyWaYxtcF0tuuESVUSJ1fUGO6L71jLRYvQoGTgDyTjZuHv_0b_8A14k1A2CZ0BYB3pZ0rv9oXJUPNmkHggAOuRvNAxLgKWgLd8U3IE-193MiERoO1aQ28haPt-uE8JtfF7BCAcc8YGQ3WbQ4Cp1FP-ih1JVunPyDhn3zhp-zS8cXh6aNALymYrT2GYdOyjsQPjQvslHzf20Wykba3wKYjkh77Fa9UFKyZxuh6fZBgoLUi4RTmbeK9Tfys-123jVOT90MkF4LWh1zDYFQCafRxFDRkXpBCu1OUgqs3TuLkFRFwOXsXsXQvoPJcAaA62Emf6Rwa5pYnZaZTgQzxv0xCxmeL2s9cMQltPwKtA_USAJKC3XTInnXCXPDqNtngSfzA88lydQv0nRXTA4Tf6ACrMn1NZNmr7QR69SkAZu_3TAIY_aaDyOWnLZMO2nrwVCKSC_UUoCVV00NkQ6ve7UbZkDgr5H86vwPOPkVnvQGZqvQ5RyO4W-jA9OwvxjB96yyH6rUfx4sxSlo04Ry6tzgRBFeIV12xRbBZjC0f87DQXcqQsDr1ptQoZp9RNgBgCNKPsXdxgodx3wGUL3_hUnBInJn6Y_ISxLVAQqEFI-OsUaiwqbsvNYs9-mjSd1e2_3vXmd4wV-rWzJRhRNJtuczcoa4L1OKIhv37wJmFTS_w_90=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=4UQorjnJtsTbTm_Lx9_eJ5PrKOQ22royLgnSCp0mbtCdz5zWE5NHUOYDTq5AWKFuxUErBtwfSRtj0LjsaFQ2nAPf856t67_1Gs2IztN8kKWjGaqORT-duS0-z649-2xb94-ba6TpWJDs6ZheQX2Xv8kjpRIMF6rLMLOeYw7roIacOtnu8odFTBOVOoOA-vm5GwzakcVRQ2tj-PGsmrfdi5CybqKhhk3vdcb4EOU7xQiwhALFR4yzPNhYZwgPi2qZYVZ_dnHu22KPY4HAsQ22PHbIZM_eO-4yuaI3-b_I2db9ZNf2zixC_Zxis2joQs_ciLB0Sp0xl-hc_u39IJsBIZPRk5y3Tk3AKyPIg4lVY0FoL4T6aATl6L2kWgHT5RTXnR7nrYdZRFMzCbaII7cDpgUN0WjfSSF2hjMckUXU1wugglpT9dG3e4wdSGPxMrjalUGYWwvFkeZ6lZo_QVfprKn7s_-RiByxaYt8LT2xDd2uAzgeFkquQmZjqoL5QrhWDTsdoNxtx03s7O-CNCgCTDkA0_9okjCJH_ARTuWWYqzahkvQU1pV_-fAaVeyIFlMyBw3uHu6O24aECve08N3yC5hEXFJcQ4oqISE6VT-5oTGBvAwOBFB-pGvbjSiz8wqAS3jFFWrB-vD8NMe5frf-iqXOEwNxLOKtpMp0ie-xJk8K8MsGasJlvQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=ph4_Jyblrg9C_Sqy2WwLKqLoWjrerPf3QlmxM1ExBWfaouJL6v0rah6VANhOSF5J0lGnOjC42xaRUQ7xHCdqlqL9gAZ3WNx2hQDchwDdeljRMNjQ-DfjxlV7kAXqzY-50St0mS3K7iYDypJbppvV6Bhgji7LH20UtDYswx0N1p3N2fOelbao7ho-LJbuYQGA6rsLqnLr2zRKtI1cC9hX0Z3LIvW6yUH48TUb2r9fgGdymqlgs675HYA8sdYtnS5OFtKKidsZ6CaaYHbBAcUqo4gw79mGPjsgqzfi_uSVhJhDWHs2SE-6E8MeWjQ8V_pSunvD0eDzxu4tg_qVadm_g3AmUFG0FzxpCPZvEHqNaL60lT4SrZcllqbi84hjMa2LMslK-F8aVrSXXn9px2BxMAX_lrHMFz7W8SGioGX_wQeklol0H-_HurXoXDvDQy5IlmgvfaCF0D1nQMHrF3qZOHmmJYYV3LHr4zkdFAEpiyleEV-_Lc1A6P-eIVntel6b1EbSOWsV8S9vdv4oJ0-JUQ1Y9DwF81DBrvR7z7_ievCxkRcgbMhq2t_Y1I9rUOwG_m1iz3taVU9vz1uQTEHUl_GiN38a-44Xmi1z4BecTUsKPJBLACVCVWDjqRaZF5JACnkIv-Z0KyBTBLme6LbE5XP-kz_soVKqJXbGtyeFcd_RIj_NCqurHtQ=
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=hsT3BF6R-rIytNQmNDzQINVCR1OYv5ZlJHLZRz10wSjMtSqVe0fmCniRt0XGVKMkGyk6_gipC7ExOs4OGMma-Iyh_oboPUJcSJnkOHkxuWeR2DZbEYYE8-sQAc1fVTCeuem4aCikIXehZtATB0kSSQ4IofpuEn6eiE7QlNDMJlZXyl0ek0Erb-Hm0LatKoe_eM2qy1Q_KOVSt5uqYJSx5_KFsm9kEfQJLyqbVWJ-WfPrf40S1kCmA_E_g8Qbn64aPwyRwf029fuk2h5tFBL-8LV82tMtNv3XLSHp_YA2_jvXNfPo7ZJhF9qKfNiRXPlpK4KvvhjzNW7SL_aL9Xm74irM-MXd8z2rmD5R_eCGRRh_BPJpVkd3z2yMSTmX5u3uDVi57enqFyrpPTUSWEEU37rDatMXJajbHMi_QPlMmG_kKRcyiSfVBH1J02F8X8t8cBZWwyDdqq7Gp5EBnV5K-TCo7CBEUcDuNeCgcH0Q-ptkvdHQtzBXFab4Mg0lBBsN_3rNa_G1caey-OS9ULfAozvpaUqKQuNTYI42u9QHjld1thA0eOVlzWbvGC6I0zRYgKObCpxsDmWeyfXxuXfTzLtCzq8LjJX8_I3nLzGoMs9FqGPY_c1Dp2ep7tG27LK9qp7ebnTjDMIfD8wFF6mu0RZLuKz9Zt_SC0Oe7GKbY201qWYHk4SA8_s=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f57dd8458e9f5da92ad552fa1b07943d1637066137&psp=TwmsGNsWwgzJLyJoWCrrbuF39sMugGDzTAc1sYiQxMJxY3Jb0AnVwh-eUG7aIGFHxBDpPtwsEd93i6g2NiDdQIvmFG7vu1g4D422LAzty-VwaDAWvq1yemHqMSvx6pkY0P2VbvlEuU2D6FoPI29zIabsOBKDid8SJax0CSo-_W9HICunt_zC_7ERezkOoMRhUVsT3xmTd8LUjzle1MbTSMqj3PRj6GRkhyjZztyVFAmra_5CGA9gSF7cAdXJ4p1hGOO9jH1aEx-AJ4KjIBqWwcOGO20xck1Ihjpe6YE2--hwbufJ77hA-8KbYJJXG1wYSFi7jzadPQz8-x_WTzSMb2O7xoh-fwwYwZSboO1Kei53cADqzVoXSGkkI9UurVRjxAEyIuRzhN25e_zn5-pjNFqZq9w2Glk8azGh_jNEdTmVj79wFnMZacgnUoDEB9Vjwpb5Q4qvmfruF9LW5vSXZhV0jDPVcEa6zr5eScDkS2jXrb3zKLNCcGOQbToCd57WhBjaVjTMDw60aUacFG-x97RMg4FxAAHSnE-nW3VXPTzQoiTnFuCHcXzn0uZnvxediHBXg3R1dyaLhgtMWt6UCmeq0JxOUGUtvx3_LThJvm6e4w8LBBVA1Dmr7HJh93b1YuGW-p32eng5tZxOsO4A8l_MnxVfMWDNekQSrLEkEL1KmI_jxexG5qU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=vGDCV9ULvk0ObX64NyNDFFraWIv36gpXU5Od-52WrzLpcvFo43lRTPnH4ZM2LA7PyyTXKNfqd4Olws07UEYMe9Rpax-uMmpJT8efz13aeiJ0cAjQkV-3KGJsZm-lFIbhwmHD8PUEPbZZwdWn9rgy8KdUuSTZ-1228vyoH_Zz9wa5VCZeCHC8xMB7UPR8B_mLQr7GJt8cI3-7z2y2_XztjuIGiiT5Pt8CY7Ll7Pytoos5DnunUjC77JF7V-uHrUpLh5OsSnGVGhqERhd4W6ga0YGDwq5x6Z2T2eLW1Sa1Aaqqk35z42e7R8AL_kqiUu1oCwKGgBrRBXH5gUGXnXlkj80Gia7LshCBHFZMOhZAZBL9aqKgP2S56cA3W4d_tvuJ10Tv6z3CvIix-p9eIs6XvtZ32FU9sNCsMxvt5KiKQyIDoWAW5avdEafXF_vWvTI062nvhOkmQ8ATA-jalDFHt3fJhiRkfOAUBMds7i2-WLgRzAkHA81YsiV98-G5zFFvImW1-YkXOfBd3J14s7crwquP4TEMkl202QqyV9-vU_OxE18kYLuuF3hj35R1AWU6BWJnn3qlu_7GvmN2xQeOqFbT0bqIJJBiUwYSUb6CusMzfgmdeWDli0E8vKWpzTrfmTTAHIYA6uBORP4cQiNBskb4zOEsolbM-3upg215b5kV9rmnvDmW08A=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=fh6X420PI9L9uVBImOahLmkTaWvV6BW24dsmy-V0JAyaMXVnjkurjqmuDeUixtTRHDER7OvNLYPahRDY6hX0y_p3yNTjCW4Bc9AO6L6iokjL0vBE94P3DYx112bfqrbGfeAFBf9eNusYgT2mPH0oe351rkj0qGWayoMBfLplcvM3AEIjfSifS4SbE9nf8Uaw11TmW6QLgSm-rF39Vd6UD5hz0AVVB-JIzh05ZXfbPrmc_T9cvRny2ehMzkpv3V-AS7Wi1HvzePNSpE8VHiQxUd2CBK-BfHbdJDalI0JwI-4UMaJBd6ZeRRg3pj3nvvFZBrOW8gLesaenoAzDZJw9RX50u_DkMmSbBUGVfT2zsQvBLfTKba5TGiraBLRPbDYAVKVdgkrwMuJigJfH3lX_EPJGXgoPCl4hn5Oy6HtC3_JnG56ADB-2NYmzme5wePjfENTl32lc_UaYkvRBTG586EGj68xkJnN7xUOLzQB6wgfxv4J6dRJtyQkl-KoX3aESXbRC6R5TtLoFcilKs2hzPzeoDjnJeIUgNh_lSjC7QV16_aYvFCNSelgMudDPhhu2h3ze-NIC5rKfAvvWLrTKHyqkqmsCE95RCQLSOJ33LY_d1Z4iNOykE6WDYigiUXVgJCWbO-MPqBvDGxwWFg470pXHdQ2PXydNNNeVRJiKheI-3JzlbPmvN9U=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=EG5qlAfvhNyGalcgZRXhEob6fydxFrXqe7JfqfMa_iJiD2C0CW4YgpYvyg4CfOurwTkroRfrkZ_WB5C9ICuBqH1L6GC9ngicS--VQ3zaIda5qJWueuwDMHxRoWlhoEyhkQxyxvdF9teA56yNR3dcegpnkOiIvkUzz6n-8sOgHH53cqcWmypLp1eGbXfDjXGk5zYDFHPaW2uL48DvB9e2l9ONCKrn60Ind_Yjb3ApVepExDmQzVmhnMsO4ffOXh4yx-nmg22pAEyAOuEL2q08wOw3Hjh3oAaCIq3A23K04tzjnYjgOydhFpHubkwoGZprGDYfy0-G1E6ThMAFr_I_CGkkHkXjsNMeyVm9kGEqy79VvGXSjgO8z6KRFzAef7D2Z4JBhmVkQhPvw-TNMR644uejv4a9YDcklswmxONcO0pA0_JOYXmXaWoe5_XdtcmDoRt46HCIb2MGxl82WCJeJ4pgAOkTYmLveBU7WR8uYtDmBAs-R0TmiU1NuJpoh88JADRROh5JaGksog92Y0BmeDBXZ4U5Bwv0hMBHZ2l2qP5A9nN5q-k0eZGmOs8ujgBoyNvSTbP8P1a8iAZ5sHwKkPDKTqrBcWDsuCvL1JRg7M97bMzojme6-FjCRujv-MHUAKPXFmxoATP7sJF-DE6HGKayD9yZS-e34Bqt_tLT6yU0wJTQrOWeCr4=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=5d5e563461396087c5ba35c9a40e0edf1637066138&psp=ppWI51dy7J0nMk-bgxHtMQlfvv2KD9GVMDPcrOzFgtS4o4-G4jsn2HMfSG026qXq4ZL7gHXgmzOUWpHC7Akrhe35msNS3w1OhRxCnonw0b6DFNAX3aui07UVizaq70hG_i7uDt4OPfRvwXXkT3o7wqFHxlA9HfoLrI-Gdua6WzuH6HOHTYqYGv3eljqD3_XmFSfsT-vKM6fqALc8Ja5Bjr739ATWl5FRjoBbvRqaEyS_Uq8utt9xD2aACHZtD3ZINPU2Jb9sxGm-k6VrColvlDsOt32DJBuCbrbLCB79_7Q1fYaBpz2lROtIq4TiuTlt1p_S5nvXiHsuU755XRZ5Weqb1QYxpuU_Bwe7Nwcny9GyuezOVQ4Bk0gS3UFqRD4jXqe_plC7vJYLl3nFbTNi1lm5TVsGF8iZNo5KJDyuoBKJcSnQeYdhvWx6ttuDo9b8DbEJvwnrt6tOWiIEAlkIDViuHtqB8s6LaSgiTqlW2yVtChnXCV2oM-xY6nFgga-aPP948YgANPUhvhNeBcBHw-ZEoWmaqPm4XvbAwHU-KjwyALWgCAACH3pyjRgjaQthpi44xQtUKu4q6VaLJGmlde56S8yylUEMMOSwj0rPNyIjpQ9fCDJtfFPAUtc_kr1LFHqQmf7lb8fwEnX0xwrJ_5fBPcL5vuMpgpUDAsxupVgWYq4CBkqLlEQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=fczBRzWjOro7sHTEepJpU6dWcdOoScu54RWzizcUUI-1n4vgsO7rmROb2_lsMXjwCGGZDTh0c0FLYZCAbxtxqv-5oAxgkf06yyjQUGUMGX2je9FFoLYI7rd1cUUKVdLkEIQ64HgnThYvZJQxO_Jf8plULobdxbIg6JZHiutH-Llh31FPycaw7hJG8wK2GM6OHrpo66Ft-xr6QZboUm4vYW6RqFk45Ha1JGgBNEwptcWN0ii7rhyUPNS-KSLkLvTwG4r9QLXRimBQvC1oY0TOC9N55_KNZVwCgF7-1wzUoJlRQOMoAZD6mt6FpPfbqJl2gc2Tj-b2uc1VSV49utMh4bXGC01e1SvFAMxwWIHCwI6SOj2Mmt2ekzejqA3HbEMx5Bo9r6QcO2mOpTg25RqRdmxN2Ohvxq17BUebTDqYOJu0x2Q1XhRHACuICplUWyxB3XA5f--Ch-MnhUBrloG_CCDBMn1-tmVIylgfIO6hISCFrKmCdrqFkzTkvRiQ70wK1gBXhq4UAZTwXcsW31xCSIIkRFxoCCnUb3ypW1R7beZlfqixUkkwaADQEINiB9ZBpky3yJTh4kzZUO7jdhzZJHeRSm77MDxIwQ9J4-fd1gEiOXx9fK_NddrLi1pykgGA_1dfJapJhmAmBdq7_Quu5ziFhcoZmfE-REPbynBSc9uRh_13IuzT9to=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=DFzPxBF7RFHEmtshsB4Cb5mImHsqc5J-rf-oNPHz5HsrO_OmH53J1HZbCGxwrWvtOc4pZH7EBp7TKnF0rJGbiW47gvT-CzPbWhdEOvrrNz4ORn-_hN4XsrV0cCJCfInOW6Lmu239R-rqgCZ0FhhB7e2ZdTJ-rTTPdBWgAkXYBvBJ-qk0mCztWJ0S7gcn3KrSlqGZDryzK0gVbDPhicS0Dymmnv3dYbaFSk8_dAuJRW5yIYrt0jjAKJtV0JYjMwx_XXM_S63axGrwpj3SMRmmb32nXmAREnp7-BvU0vHoKg1DfBLbokIQvcwSbXQJK565DfFJBIeL2AxqJPOKuzUPYJeTjH-EkH_cgXMN3GDHJ9azV2sIu5VA-mmABcdn8PF6WfSjUIWqJs_OsNOlOTb5AGXfn7bX-Vdg2nViwNOTFw4NJ1JohGNOpeIH-AP53PZ1IBQUjlyoa2srq8bTCXIxYqvONRD3TaNYPlw69DEQzDgKnOpsnDwbrimlZ0jgcIMLiVigzntVU0GEXvmGnh0JIPzlewe8WoYSfRJiK6FfOheEbqdYDgmN0nahEIU45JUG8D8ddNmHak9-WQicYd2om2RoWH5jFm--AAInEUI8bzxvQN4Dyp1uNvT4hJzXXnII3efGfb24HKi2ah9W-XOjDJyrlJb_wvzqJYJj-VnJd4N0M28KCcAmqOA=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=A9KzFKDozg9YeMzfYH1CoOObA2X6RdNBIU9iB9e-26DCNjCR-OzchIJHgxG0F6ysN6v4SppSgwmRkMCxN7zQT0wvMfJqrauYKY0GDiOQ3-uH1Scx9ixeGLxKrDoUQaXdBlu26q_O7chuK799Ja-dChP6HMIrEyw4EQ-nQFC9OaKHkPgpk7Bf4USxD2nsmWJhrNllgqkrHEr1hZXdc6cVdhsGO4RynDWTlaBSG7u54XgvU5qKMHFcMv6tRUbtfemsr6pANhdOM5VRNvdUeYfizr7NoyJoj64x9mV-Mm12TI32fMS4a5KXdDS73MmsBklFxkapZfNVTms2a8sprirjr5_TiwliVWaPJY996xMQKGSuXCEOym67ZQ8BsJt87_I_gq7BvT29AzYA-AHQTo3f1Sd2jdc5gvBRPmZlsBPyp2mDo3NbwjiVlop3EHGMxN0TDL5t7Q5k-Z4Sihyd-r68tGlRUqxKOJLkpzamm3phGB5N3XlMNM8TlIUTd4aFlVqqTMY_UwOQzidU2OjDh-iM3_7a0CGCiT-0dA0NtbPo--ZKIw-BHMafXHrrR54sra-2JPAyhHw3S5hkg0xCNnxPH06hCe9yvK_Ehd3UDrgOd5jiHYEg25vvllJD2GfgNLBQj4mJw9OMrackjuZ0_2RIMCuDASIITdjpztEM8D-_UYcrY0toj51Xk8c=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=ekTXoJjbSf3-umhgaIjHRPrym72sahAYtrpvH7AUczhtnIEl2KRogxn_RsrSbNGLztzmBJgCsXs5hN57iRxFh81phVSmsUDHEj0b-WzJ576taqY1GGVrAV6Csaf_w6xYuvEflxbTizRI31SVsIlbkP5CyIEM0ed6SrOfRNDwhwlOiSG4czfeCc5WnQSxdrx4Y_TbW7-ZBiao44abpHwYYlk-9__PdBe2A7an73PJavHYleGkZHhNM_uDxBFX8Yt8E2OsyM3Ti7-mrBDiMtmagN-1s3Oyb8PXBK7aW4lRi7KV9T9Be69qx60nP4YKfNbQ1w6C1ZQWj_50Nwiiq6raBwTiMOSO4rDutwUGHqA6AO2YjPRs3s-9LomjPBqe_hch9mrDUourUpdRemjtBYzit9xUuPZrdLctFGPG6kdjoaYxUTntWZLdfRaGHEiaUGboGz4wFMh_Z10cgTmNL4b36282z7DvVF5rPuT5jtMkwwzQxKEEXysS3JIQarCpNImT29i3KMGrgB3q9nvmMP0_Kgs4tKMsN-xY1-HHxatZtt1Tdk996Q6JYuQAAK1s5hqiNMFzLL2cWIIVcLX74bvwKwoFCI6WIWmDxVoeymRGmiTMtQ93aAPTLRp532OJxqQlSHTKq7n9qZL6AX_h5PCmd5vgffP7W2WllDGxGn6gGshhAAqSsn9-t40=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=e3b37c2a646a66a8147ca4c6f4be0ee41637066139&psp=f5mFFc5rDWkhko34FNt2MhIguUlAC2k7NEHgc9zrou45A2O5C3d1TA7KrqkQovhUZqPsbjK4RCXZ2yu5o-AyfrZp5rYfJXZExK5fm4ol53FB_6iPWgjkpxK40qciJiyHlvVEv9vallp8yPOF25LmbhAfK8fvFBh3HPNpIMPuuf-tTLX4wi_TT2LsEh4qcbGIGZwKeIfajg2PUYpq_ZV7-f2-1OotuSYmPmbhBFCGTYVTJHQYY2yWD6Y5vc9ytvIyHtx7TAqViSKH0ZhDwbwn6m9QU51Nx9gqSqGaqZle3P5lmn4FH7daoSk27VrZYxjnho6E3sROzyA392vj9boiKEgNhkkYTQZVq2alD-H1pId3XDhynsa0dlv9c4KcVY8LV8GNi2623-WZOwBWQ1mTYq41xss0ien17TiFy_rZ5zWxlZqVeipovvPtiejFKXj6MbR1BuKarrcA5QGuSe0NI6puzuhHizZszklg8r5Wv4U-_pZIfIjtz65-uzGVd0RJG5tNRhDjfqqR7hJg4tiCtOmhNtyhEoiRrK-E4WgAeMnJf_taj0JTi8RWuHcEx0xuVvXKZqY07NEF2dfOKOaciCqbiJ3Zh-scOor95J9mMRGuHtw4oD5MUvbkmNSCDclG6LPBD0N_NyItB4BCRwOaWDz4iYpvuJgBzs-LyjAVwdSoRbXkZAjn3as=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=rWJysGnqQ2LQsajLiWelR0k0uVLLhscIbvuoBG7D29vdsSVXa3NgmIzB1HLllZvWcxV2APibBKuXU5ui9pGgTn2l1r0eb5vvWjr9fIvBeIEWNnyB2MQ3fQyd5LbNRYuMyOwTW_Zr1Z3CfYy3Ueoqp18zzH5PDhEJC5R-HZ38SxMPEl-8W3ZDdq3fMeRPMC0Ohjwz7vHS1U9Fsl5PDSjIFDLc-IKe6hHMUTvefQNeuVWep8xeoJ_nyq7WBnzM1tOFdKrEdykT3rzFZetQDyNMwtx9ZXEGf06PlpX1IcnkYMpZAiQF_UNkPutl_tnS4ate09cNh-mXlcf0D-ENn2UV6GttNnJl8sWXutuCMhApRDZUkZ0Hpn8prWVjZ-LRHmgvE8W2ZllYorgLLUs__-3qD45Xlk7z6sbRucmwmdLBbQ7VNEXX-sp8FfyzZphFTRIkV-8v0hRwkfvmF-p3_mkrCEUnmi1uX0_fuuSY5wuxu29x0Rg3WRqcwKYvZNLbzZLHbvVouUTfMYBi2tCKgTzsVvKpjFPNpU5B5H2rW2GT3yAxpsrj8iU7kx60M5a8UvpFvRyNHrtG-JMPR-NRzAz_Ed5V0sUVV9R5y0ej4gp8DTtEXGYkwbFqGfQHFTDLqRax3WPIJbBgdc-REHJi-6dzW2KZ7559rpNux39AClFTFfo2drKz2KoR2XM=
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=cgXKXm8NhMME4Dy46vuzXxB-ExWDeVtQD1Lmlkg8qJ2aHNcdqgdtrsZLMAlhqerDbnekiwd1uMvI5poaMQWK7WiiVhdGfHm8QCY7aYyfjJY9gNZgcf4KY7eZqpXQL4ZFJZBYK9n20Lko0gc_9faWvaKee07JNFF_lXEjP-WAcKV4S9qQnDvLc6nsZCe42Ybs4p8seHQXMwdol5v1jwckYYy5_3aT0CNSZQM82hlR1oRJVh2HIKkjPQAeadsxms6FbKxM4QHIYoRhjoxaHs5fkn7OP_HZb1ubW2f72tOrNmeGYrf7bjq3ZoJclhOTI_iSolfQc8HTUlJsuNRYYzdAaXzotMycAn3QZAJQTN-4N-ceq0kzxVUP0TDptSnVNtPBG3850gr8H4cDfsE9w5pwasIdUz0mujFsn9eOaPQfLTxR0Kx7_kRrYjeaxi6Z1L_eavLB9GtRg5LowZxOd-Cec5Io3fMHx9i88WM_ZS65qyGSNreTrMnsA7FgfkNIAMhgkkePyl3JSAb-O86Dz3ojfzl0NI4H1nXDIESQ7AwltTlIk8JUYbobX4KMRXlLgHPMPqnmBmSRxTfxcG1Rfs3WfFURd75dWhBgeMkkMi9Q_sT8OIzqmBPrAV9qP0HwBP3CM9zirBu930p62WbWlbn_q0ZtGISopIdLxPMv1Llq7LOdC8wTlBfcZlU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=4db7c67325abc07c50877a94ec58ce941637066140&psp=oD1zGnDAS9sOPmkvOQjPI1HXyWoNPrB0cQQWJ0-mjVS1b4K9pIeGudLDxJvSTL7G_UgB-hJlp8u0ace-Jv5FWYSOVhysXQxVbdaVUgJ8sTmqRpBuBz__k77Kn9sr6kbsjLvXyGum5jYSxpAPSBqSRTP7epHvZhwpds01oMwGoA6V4ukQoIvUXuWZNAuB_0l4aJgF3DM9WJKegpfJpwZ9kYEM-puJjjSEsylx9I07d7g3bayRCAtwP-d9vWgR5N6weEa8n3Ej6I9k6RHo25MnGgHYZCAS8OSbe27xnbiNPxN_oD4g--M8grOZb6nq01x2nQpg8r6kClnLbzOcL16LO38sLewzbBvAKGz1w7j6Bod6j0Kuu08yQ0AKJ-G8mCISYzSoFOKs9m4SybmN-k3dnvODsg6CQBjwNIPIUyYd_sfZsN7rTfbp0mPn50Yhzb764JUht4c3eba8xOrrFYmC9at5kFWsXSG9Y5qk0lcopWxH1ulCIF1Oh7WBdp4YMETrjb1l1A95KU3u1JPsV69GkFa-TUZRU5Ls0PCUsskU8v_EEHHTL3jM0I9Xk3jXE-qePNN3iYtD1DPwdrlYCe8-mti_QP08vBlKyfh0zF429IR9MGLxLuCLCZgVVFfQCjXEPROCPb3F2wXVs2HAnYWffSff1iVSLT3MsVdhLbBI5r9XkYx8BglKFnk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=XqCA2_U0eruhPJS4lsCbOiQrRocJKms89JzyHRN-RkeK3F70UKCb-Fz6WZOn2ThbOghjSOwMzdhqLD4P5SvFBWXeAAWG_kxoqskvqvnd4P6KXX03Nto16jHD17bJY3shAaakWtCCA0haKsUPRXOu3zNhvDbQPWNBMdWzhe0DD2xbE5GYAR1QPZshDOxTdIEIhmxBQPWAlrGhSFc5wZkBrfmC5iy23JfEYgyZRxV1_k446tOfZ2jy5QlzuMdem5qLpNdaFj1uB-8yQl_wW-MeRLsnXQwbuUqdWvOl1uexQuwHpQHXTN-Iumyf3vQN_J0v-k4fdJVI79PgfqwSHs4XF2oy8opfHqFslldX41x1IhY1lJrKa8RgYAYxPIqWghhtT1y8FlwszIf5gQoQrVwVkdmx83g9tq7nlVpQkrFqM_CDmNQbbE2iNi3Qdj1qNv71n2GN-zFx3DkUp47d0VzI59oLAyx36qU66oX5W2RJ09tPzZ-10CRslddmAIo4h-Npjw6REWy456Sr2dve0RVxxMOloG9VLf4dtXI1ysJelx9tehw0ngNnn61hCuAM8yOEc5BxYKklYjvXwGOzSHxBQdPfVYjy9nCZs6JWP8ZGKju2Pv1VA8hdgjKAzXnGnU17aFVnIF--mROqO4YAZlyWrovSPlVuMGqNWHCGy1CwcLV3V6P2NrX31aU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=tszonR7bERTovoebvLy5SdsJpiHzwRSYcUCwyV0QA-IaEtI9yPDGhQy8k0YvtPbPAnrIn9IpCtXVCXFyrQEayXqhOb_PTnWRA8O8MxwrZfvUnf8-IQfwB0-tLlmBY0hqmusZk8dTYVKPuzFDzL4f9OBXQd3h4qwhrf-ShDwgdZ3eb-1iCrmwQOnKOZI5_xIiPQuXNUXD3rqlSHP7hVlwi0rH12K9obROxBRUMShklHfgE112IdvbmalHK24lcSKrYzPyw7NTemeBFvhbX3MXCl8RbNid15N_jQ_6Z3AHghEAUZfaHlVNy52aQNj1fhPwk_m2-Cizu4NJRyN-61zfyJCnUArChtj6fL1IXH-INg9OuqwgHs-3VQRzrfNZ_VG0klnF6iAtb6-BxdP83X5HgwHlH88jvdEhr_VvZjllBAtbPV9-cdJM11N5TVp5WmUTClX5NV472M8Q4IaJNjXo9W-1GCbejBRvWfw3fi7eUemMmCkGLzmRBAeId5TmlsLrQeblo1zNuM3l0BJ6RhKFcPsKcCpX74whjN1JeHEJKCgUAObOOGo1oO9GptJ7Sj6chHMnfJnEjG4hFWvrLpvx_QUPr1JSzdpzSAA6oElHlEBzNa38U_hb_CWaNi9xLZQXJzf-XlTdsefqgH5viPZj1Rsp4yQSsiavkJ6d_bmhoH8mOXNvhupTWoE=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=khv8dIaFc8VrEMskoiOICHHtJA8fLi7b2d0-_2a0OneRZvW1JiOXvq6XT59sM-DkDWhsKxGnvlDVs1bVTp9vRhj0QfEgujvBetRK2Wxq08wGGuJ2-gOhUI24KzjcTE1sMLb5RZbE2d443Y7cKIh63KXMuSjgXUMs1ay5LGTxuhVrW8Tj4VPGAYZRkfETWIVqsKdVNVxnxEHbkrUqt5i0la43wAEu0K8_1QJC9zHE3KXaqFwrOqo2xBVU0fPFA8jNYJHhk6s95xiV61eWDdHnk2QSLMB8Fydh8na7OMfbvcr_41qMcVJPOS-Qj2IpCCoLgkO4AGvLOrTGlKvpMNSneF_GHpeFaWinRoBmL1VuRPOS44xbCJHSzcPhOm7Kw8G3SVaRzBrHCj-xS06xUzoaD-iHc16NwPR6p6HIVNcFu6CRJizsCn4ehKcEPP15ppuktUxfKtVb8Fy5SW6MPSrfNPXbhzIvyURRzSblXBtHw8kiFc_40usWjT_omwVMSFus6crQWiFMvJ2ieLZr1KiYJXdHadwbST1EJqRVqXM2Khr10f8e_VWDVoG1ZBkiEGjDVK2U0D8Fw7aJB0j59HGbq--HrEz930ntNk-y-iCG-OOx1W5hk8ux_3sz1AcxL4V7pgTTFc5fRRAQnQQSel24NQ_T63x2s7UqyeNaypHdv0D3yuox6TVNfT8=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=be783a505b8570cd7123a19a00f5920c1637066141&psp=nkpRW5YA8c7fLg-B797i_KldWMHhJn3mdf6-dYQIpSjWjc_7gHoy7btmZL6_Zfw_HPChNagq-yOWDntaPACb2SfyxMNYRj6Dm7-qNPIefaq9hH6vY7dDPziTRECtWH-B0Mec31a7WA7RW_fxAg5EEG7I43bvzvl2ryHco-Mf53PDWF00Wi14i3vd76UeRpHf-u7j8ltXCjxOboEyEb-TIIxhGqsnW5p42lzaL23v3H5WjB8HxBHwmg08FBq2Qt3q8jZGUI5JBkQT9ECU_JKwFZbz1JgpPAufrVf7QwTG5umFv1nRiq2wMxsGi-vLp_jWDYRynXbvcelVt9XUhrUT0fq0_NC_df9EdiKx3PulSkGj7_WnRg_nrzuJZqqUiXzwvEq5o5bMztMmo2MU2lV6EkCZejHRPOMtrUfPnRcVcogbh3dtbIC54wUFeAffRher1C3p-S_Vqll5H09pVBqTeIKpzymPG4yazeA0gJXOAebSgUCUc7rFccT85nESwHrW7x1wAF8dyc35KA4-jswkuvJfvTK-HmagoqJm30BA82lNMJ7G3tDTsLUS4Eh206Os2AiKkxXZdd6pD5wDRHnjYh4R0U6gL_swGsbUWE7YThzUADkcRNOxas0vwel5NvbeTdY40VC81VYZ0tXhFzTTOxZJd6tpGhxtMmIab_fnEgKoSpBsgvXTfUM=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=zEdsKWwg7bvrhdowR67G7Z1TJplZRWEw8lNV42eKJen_c_5hNVc8KNt2wkv6hmSEvjG0t9c-YLehbI3nCOBZOuU47Q_SOyZNC__jAcBSq2O8yf8DMLEZG2LxAh4nlT90oDivZMyX6RJZVe5IXPpVrzZGiV-7RDjSnSVMEjW37ipKC2L3ldpOCrJGwFvnT6wbwXLEEcFhcx5tEmiOaRdzDXQdIMF1R6zOfdfIqRA8xaUBkPvKQBld6He_gl_0a4AiCkZjnH57ljsFqYp4RJo7tDZ-XHy0SNMgQAmACG5Ea8G7liaZb_zo4UUlNRvBCs8e7YFcVBfLLRoVnw8vL03khKti8iqgSDFlG3It3kPcZ_N4Jps00PSLca29BC0DxG_9Fv2a5GyDGRWm5q7tZS3nb4Xc_EimqBCTMuWFUB0uiYLHafkvPQV1La6u5dQ8JVnDdG0tld2JBh_0z4s_IYdTK6777Q-BimKVi2q_i0CH_SIBA_lsQg9B1fs5068X0X2hwRjem6uqTxiV_rR8bj4gQDZWpl8MGYX_Xdgdykj1kU5wuHE2tw4ePpooiJ0YknC0MELFYMa2dXwLJbtqUsJCp1x8NKO8Lp665OP-H57ynZH4a5F_wl9CWGdUEHxpuDkiBmGJJoKru3zv1arnG4B-4sg9028qbCszhZA1ohILylxZFPt3vvTl2wk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=gQBnacnnN-pU0faoZ3YxafRT6YTioH8UMXY-peaBAd9X5AAXP4q7owWGXZ5yua0dNUtwWAKZKlAYnyZd5SooUUUnW9KhI-buB8G9Hb8FyfxPdsBnfzWXNDf3mqVuUMKHlpqnEqcKhlNxJMrG66uyrrMPc265WagV1EUchRrp7bPzPv8p0BzixQkK_X1yFPcKP_R8tCMV3_AmJ5x2YfLnEs2pOSF1MNnLWwxAyCzoy2Q_QE6X5uLtxJHo9qyKuMOnkAQHEevZTog1kPs0qfD8RWb5xLkSiFlSt110MH_0NNixsB1YR-GcLVdZbWIewNn1lOHA5_o6GMLBbennAbIO1kLM2oFV9XvCz9I6O4I_oLLclGTOXLzzeEBRmoVHH5KZPq5_P_MOaNM7miOzkQWUZ7DlW3p4zwon4Yiq6dOUtcxYy-dFLWjR0RtTufvLt48jirrnSexqh0z705oNiA8SJqC7nWyRDk5bkNz81ll-_2ftoSJtj7n7-ZMDCcWMvPG9QTgHqS9qiagcJy5l59yYLKrcwAJegek2UD62L3B2fmG7zGhVHMdVtqGh7-eAWEtzM6K30YnFS3W3q5QDZhiDxYUEXTnDdEUQJiEXY921lq0Erc60O3_FoXqh7DHqpCGrGpznrLTXcE_EQKEMep60bOvBWiU8D714A-YzIT6-V32bktT41yjzRNk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b8bd01f6a87287a1b31421287113c7ec1637066142&psp=Wg0OsmY8pPM10j47yVekPuUIJR1AJ7LgnN7FZmN4SLz3bR9qYNdhoRZh3kJPcVNfofaX6_YvzjdPt2g2RCxbvS-fjrjjXuGSKi5gE2MieGsNzFcQLiruup86j5qD0vi4Vm5Wq3y_4VY2G8N9ceUM1kxldZF24obAtxFM462vekAkZsletzFarogIxAKoiUAJclHJxoN_AwWbIPouFU9IQsDle5KXesBBCLQjXv2xMc4hQs2G06Zr5cJtNwbSJqXV1f1q9zjStJGsLxSEdzyOMT0HNFutpPBMcYWHJ7WUk05m61COzVNXV9pZC54KvU5TatHfz4NI5xCJENWnZXhHuT0yG5nbH5-3368W952cgjZXa2rm4x2zRSLsW3FREXnY2I0eIh-TlTTMQJKJVbpFDiooC0DVAHjjdqnYVIEgA3Objcuj1mSJ2ll8pSAnfnST4ceJAOKEBxiTBh6N61SB9QenmA2yOiAi52fzIFF95yGDTVtYzQflKrm_eK0S7Sl13uhjRMPmImwToSoUbE-xN-Xmpn26YtGy4HAIE_2jQuDvKz03TKQaXUTFQhmH8KPFWCxJfnavf-R9SyoQ2lJKuWA98E4WxKkqTdlbMZvC3FdgtcVn8oEAoy6x522iVByrx6WKtZqwQqXKU1gUFtO6i0JNHuB5yFghvCvxo6FxzSMaMu1l5d9_hQM=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=X2lU1dhqp7mJEXf_dQBXgiRkWvnlaJ2Hoq4stmzqemz2dV0tk-P_V_s9q1XOMD-SfaarVRz6k1ROWvIciLvqsis_sWzTCDxPfpP1BSHGeQ4k5-RPoY2un_C-ZJcc4b4hkA9mG7oVCS3Y_FnfHkjiG9CCdyTTjb2hnLRl0Mu6R-mSPAADsIkfIm1IgqwPsdKQItDDt9k9hDkgsI9g7RNbauBy_CyHl9jc2gTtYsN8kgWMPZnVW41RlhJNcctvWvM9PenKAPAqqoZmL0bBNJYO1ZIKJca8svNNArLGF0POq2iwWqvcPv68Ls-D7fC4k8E2-7jIVIutehvnlKxpu8oKFi6hJuyl97Tpsk1XAveq-jBrJtClBMKg9dqbsU2ie6LLPuUNXVroNJm1xLH0ejRKQAG6W2uaqUMy9yOXItzwiS6SyGvYP_GrM0LUWdPrsefDo1HVKxKHQwW4YHZi1mMFHY5N_VWnJjKkNtwZRzOhp1Cxj27OfRJhFF0TYuMCmOF1taOEDboYVEqk4J-KsKQAShIXsGM8sBAlwlM6R3ZxMikg09jL3QUqcy9FuLpvud_cmhS4GeMvu7uflmDGDInQIfWlHX046_mcLLncVSx4alFvwfr0MdpDi24aAeKusmlAcB2nShF0RLnJTdttzXX7Y0-1LIIUuDkxefZ1hXFegbJ3HfJvbrB0CLA=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=4jM__Y1mG-PghFqci_QN4Cq9q0wrv-pl49JmKwknFN3UApsCfgwSzDg7VOroImfscrySCTeRDc0kXL18LhYpufMCSvJpKTVErtzvfvFKtLb1Gw5jBxtjrkv9s85P7E6Vm9LabhbULw_UQkxB9jf5SIkHq35WQ1KgMODVegkgMH066VKBZrrlIcNyp39ilcK0Awszg3dU7kJzpyZT7R0jXhiTpRq7EZ8TkjOlAkjAoct6G3OloGSUI7LiY6N12x5HQxMVuSNrNYZipe3ypC3W0lgNUPYjhjoqD3QEncKfKYNgflQ5Ihz_Oq-85ClUHRRldqP06cVGWmjLHbGeJmiq0MECX-rQWM2SEYA15pUNp7y3horGSeU4tXe4yEeCnZqGZEjh5eNfy8mCkq9dznH5uGBBd-e-klYLZmkDijl3oQh82doz3q750kF8_kMFREiG8o1klNGJlJblDYIa546-flHrpHan7l13jyk-W-mNnDDGYmZSPEApgjDxONFm100SRuwkU2cGBk66DMAjtnqZhS6jMcBRbxzQETMZ_dmv3WdBmJrUPIswVgbbwB99g9Q6q8WvgRLVXKApPmQsHt3MYsgd5-gIwIqTr2AEIbRIg41ZBgKWu2nvB3XJusGj5jyfX7zkE80zUKNdXy8PDA8TedsQHjTuUuU6yrxAuuf0WpKM3rLy5qGyCso=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c3f99ea0d88086e29e5b7e7df209566f1637066143&psp=utZPFbaI8b-RTExNoULgIuBIlMXaxYuk_l3WWVVVm4qFvtDbfj312gQiSTDAKGoEZdCKMRc-zcyfAeYVm57X2prGrMPESkwQ5Wkhzzo_wdnqoClO0rNejK97okeQqT1SoXdLQhryDF05gd4f-OOontiYkSrHdGnyFmMxvmZzjq20l1u80ZoYFvD7JltTRtzw3OKxG_pG3ubkafvlCmm_Fw1VtouLKxu_v3nYHEA8K3AwAjBA7N16x0r8UeIbLT7Vafw6GRZHUi5ymVDz01Ja4Pv2hCOMNOd8WuY5_4n42vNdI_TFLVX6bLn7jw-aVlhHiMKUxsUj6LyUqQW7hUrUxWj29xWjL33tJ9fLqgP-l46VUXKV6LewdQ7YxpaxCozCquDsHd465g9VH-IA4FF1lainoSfi3Cid2tqz9cZxggyflp__8o5yVuX0ro-GNe4h3NNcCJVgNXo39iEkn7-fDQR0-wWsrj4KwpDB4peVXiqvX9ann43gsgdPLLEoN6LGmXXbfQMHuKGIfE8zmRFKbE6kCFyLRQ1Y6PACrUy-3_UjQPtGpCz3rtZ4X0PqZBxF1Y6Ts0YnOmBM2wFL5j82l2FEx149I6nVL9_gqMchH5vI7mFKCNF9juRHQgsF6rpriU1hewKZwHqzKpmLTE--rgDXmtKdt2jQ5MdUTj9UyuIi3_VrxmJ-dNU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=8i0agx8C7eF-Vj2qqofc1CU68ZRGFhEpWtJ7AfquqeIgPFJhN7SSb48IYCJldvifbK0wl3XSCMgVw8focG3vNn93ghm7sDRQRllDtmVdSwKuzfkC_deyVMTdls01GuhbIcVfB3ZRHat41_WqLrjCamBjwrVYf146-IWz9T9UY4HZU8qipvgdlGM8w4EkQckRKYQoCnEOR8xD-PjB6VPzjTABRpz664T392PmteSoxZyfhuhHqmHn2Vhws1J2htNE3fhA5GKi97SHUgpDajCTkvnea0lw7u033i1IpptD5FyrS1NlKkSIUdJIzRCf9x5NOlviHQfQIOnYn3PKhg6kemPMs5yB8Glagz8FCBuLe75TlVTqD-HRRU8vpwr265nv1R6RWwDqkSppgYFZRTFcBo3onVUzDvBPEfrSCqzbAZt-jIirkfcJaiWWwMZ7WpvpMq3-8jbNLQxc2YGILk786IW7yNHd-haQShlizTyEPO2OwrA7ne-m5X6OrNbZkRpP9Ezhr8Gh1EElvkUPbSPT1ldWbYHncs2riaLbAZcGH9vRJZyNNKkG4IW9nB-BvdcB6_Hz3XyMcWx0oZCVTzimUJfLdtVb_XjVhx80CduXMGtNxBfwgRRPwS2tHQ7myDyr4t1iXW1o-3_EfaXeEwavb-nufEsHNztR-vZuhwV5-_sDdQW160ojFCQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=oLuyTS2kvPhCUYJfT1RfDRY6CIe6ONj0mv334kMqurlyBLByLne-_mlaN7e1mEYCqlLwY6OXDnzvka1mqXh86NOO2qPnrep4tEmMDwcVnayt-PpIcpNJJXqnPxzuqUNBSdL4PSEgGzyzHyEApw6ko7d3Sg7VumaG4bm-WS7YTqfxLAIn57Sg6V4Jx6CbGDLs2OYAqu01TV0VcThavRTmDhwxRaIFVsES3NhXhqYvM9TQRsNz9fY8vddKtiMGWtqY2iSXas3CIOnouIeKWn8lccMZrdi-FkZcusS-VMkVon5KMCuUTjCnQktCxP6h298-ME2TRhAZ11I4L4Hep9DtzE4M2Mpu5DkBb1C3UkCbILPREWw4NBODzKqAVP8bsj_kj1IG_QMdPLnRdyYfGEEj6ZpOPOqUgtxQh47X0LKDjiPJL4w1j2yx829Dk9gRguZJ2xovB6G0RtV1zfW8ZGqYuKzIF0JFEWjD_RukpJVQCaIi9xTHANFTBuhwKdMWiIE_nfikyiA8440WIW_BI9tvXyDZAWDqWWY4_nY4s7TGjYTy6Fa7jVfwn3XS2SqEZFAujo8K4hSuNmFFuZboiYy_zlHtD6WjGPWtrJSgy9D4zkOhwPCGhamHCrQ5DNGjbMD_Wv8xHbQtTd_KOIvGfzYeh6-kPhBaWHM4zZiHptvs-ZSw4TmRnWelNwU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=2WTagKyMqru81qXyjnK3mx5EIaDn5YAPRZhrdOlCYY0UbnSic3fscRJLsLyY09cSSwqrKe-kbSU2D317d_wPXzKa1m42a3-bBW-2_g9lEKIT57r582Bzn1vE_cAy3xo1uPE2nLCAZeg4UGeihYOWKZFi4G665Bio29IybM2K0bfVV7gZOXI6iMH4fOLeP0AToZYaM8164OyHzpcv5kMWaAOrE9dVstaV68_XpimtUFSSFr0GhWo0ysx3YCf9AJ6jlwyNsELxlvhSoxWdrFBWOUevXISYXex8DzeAHzHzpPsgpw743cNgmKg1eqDOdmSTQmvIrNhphWcCHtW_JA4NRurKbDl32xlbj342wE6U_UUUDAhM-L6S_kGAi0Pcn7B5US8U9udQGrnHrrq4C0T66XDMsNaDN8pC6aipHqpKexeV12CJicqHgZNr4AO4JbG0BIM4SGJ5RZb6MqWa3KKCIPDwz5nBEDpbiUHWATFLN5gbRDA8MWcO8Wkx2ULdBcshIsCsC_lvOkNMbqetddvLhvfVVgKsfyr8m6W1k0Pwg956gA0WS5zxxFaUC86Exm_PNOJ-r6Oa8g5CzcWIqYKHKYj8B6u5WjdDxnd8wMU2SjVHLjc7h1pSnxnVP3n6dLLl1DTpAxENxUoLuNa_ZbLCQzWlyLjXRmmjfUwYJV8gppsO1H2wCYe16vc=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8519b19e94b7d487d0ad5b26df245bbb1637066144&psp=QG3iGgE4XbT8OpcGPFPsA5-W-gVv2eOWlkejG28GvlhxBZK7g7kTbBEJ9dU0tklh82ilSvgVGzpp-8yG6cUD-wYhnX7MaKC9XRGRZL7sMCs6mDWSoudMOIwoZOCgxnCpDM6UoOQsI1ecm-_2P8OXWv-s5unk6SI-LYYtVRIDk9tit4ptCss4-aO-fZMq6JE3JjkWxnzASteO93vi6F2Zn2zEotAnKF6OV9Dq3X2nmC5414XHz9NtMLDrpwovRjHJ8xkJ4PzZheGe4LEstgqM4P2Od_PvG3BUFs8iAdWItyYp_INh1U2_VFez4K04vv1F-EnEA8X0v4iWek-aM9LwI4ikrmDG-gO7Wj-g24HjSjAS0WmWgcBf9ndICLrZwbFPc0Stv95OTq7u1aD93KiL5RkYQPSk_3wust5FdWz2Y_92wWwMNxQHrL6-LG30OFk3w4XfR3FmijymasUFY2oJFFFwsfF-xA_MzHRUhb1-Ij3DNXIxGyeQI3VgpPOq0WQRDmiqhuYPJQcwmcIANqDCM6QVZbNIp7D3BPe0lpmQKojGHoLcT-KwWljvMJWAWkHEkdEe4AQlxh0WOrTRYZNSGcFiq_tUvCpj0L6kYEKbZI3UiF4BQ4ZwQCXUScVZ65XPmyK-mxNgp-kzcXfC0hAO9pNmg4bHeYDC_ZHbXnpvXJBGZkTyuFe3VQQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=2I4h7wxkYwREcZoYEb3hx8eS3jCIN6EDKCh---UWG2LKdvaWbznKIrgsIIQljfI1R23mwU_0jFI_7-_l6o9Z-GdfXISVcW91zSoxPVO58GvL7-ZCUWvyhuLsTJi2_SmVd5JU3QvwYJFbqQwA2zD7ZjnwlB-X0rPta8GbXapbmnkZXnPSedoNVDVlv8HvzN0Erk-PTbeYFdJcs_JjJiKqNI-n11raYfNClMBChsGujboyHSjey3MyW_LmdhYa9ra-vqp6DZBysYZcP02oUjgHNA9dCr00pKF9xXznBlKccn_kp8-AvDvw-new2lfU9QEWmZY1gOJ93aBJDJ9VBZesuvwvW4fCDTriIngPfvl3_XWg_l_sIhKk_0mXqmXfBXeHiS7WwpCKUV9WK6YwiX5KiuCh_7QpNaRoqwQVhUMgn8bl5LzFNosnIRzeOnThXsbr4hHZxD_NDjd2AWDXGdcITE4ZFfRReLWAiAKDdOBIXYpaP060UGbuZMKlfzd9Zy1rdU-6DBV3VAyscZgB-f1OCvTtuzpv4HhUhNeg9OTK54Vz-kOa_14pPoK-nqo887mFODiDNDfiXujFyUvWphqjMeZPXk5i6T7eb-zqg6lbnxJ2dUbYy5Bl8erTHsRfVYaOsdZuR1E185NsFPXkUzzW9zSzKPkVHL30pPxYejVa11UA6O7zJgT0ZHY=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=ruT_buQAd_xQx08Auh53ZHYOdFcFhQTGXH_43eaMPwU5l7AKbQ3VhCdR9HZv4EkvHlxj_yB8A_L51speIMNNN_Ml9ezx3kDlr7LXRZn_KsIOMX0hbCjK2vB2z6cN9h76WgD3eJcGIzBRKPXmmAq7nqf8S-6bb79ECKfdvGRnAvQCIJ5OUj95UEpJDQ2IiNyqOI0pupNlzSh1WCTTVHlNs9QEIefUPvylsoypu8CL9L9O_GJm-BNyh6sQsZx2MVqJ9SH0PixPyx88yZ28AnNJypwPybtidN_iDM9LijaIc_gZiitDafPfaDnbINRDqL4uH8jqKD93MgC7Vb7w3kCD5zkJjNrq6E-cPbNzaVKETy0pYC2OkQPYzTzg-qBCOQPyLnU1--Q--f9nt3hN6RjMfT1D0qhvWXcwxIuxUvcLrQmkBMOUOtV_R4NRTu87jXmYgGCaeiPhlm16RVCAQa_25whvxdMbPa8yHisv2cEIiWi7aVsHpm4O_wvNDwuS5pl_J1nFGpu0Hd3Q6DJP1kpiHnOp4jKTj0gooVK6F-q2HnYlTjPhuaHJ3dC5-Zh8dIeNLqQY1q5SxoeeG3yT0--nCUpYLsWcREtccMZ0UBI1BqOllg59CIQokq6aqVrpfXUNXApE9beT4BJJhZUK33uP1ugALRzmjspANAoJufGhvc46HYH3XDWgM90=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Tfj7EwXQgViX7dZbvIW5K3hDrqPuXE_6gewXS2-9b7qNFOdjb_WIjmncEOjYrdksLc2hIUNPvjv2TgwQI2qDg4aL0itFmXhIKBRtSLtmSlru7pM9A5pSP5wRIYd2XIe6aINkf7lC42KS_tOsM4VJUiFaMztCnR5V2qO7czDIf4zpUhrKr9QhSrSmijVeUEz8X1ObWeFyprUCbRckGKJDaUak2Eni9LrUPu2Kg2S8sAWgo6-BHFIKgyZtLfG6yuSG4bR8axF3f5jZM6EhNqt07mKK4JT2rzT5k8On0CQVLq2FTAS8guixRFsbJ6goTeXRmyhVa-jByhPwPdtKUuUefsSXZIVkIg_dxXvSceJy3yMoBzqG-lPT_vh4UN9AGC-e8Lkt1arkhgWNSvYG4YPS8ghht1JVb2knIWmLi5Lm2k_hdczUH_IwVGFj6fjH0WfTE-ZA97GwZ1B2aNqNshognyFSIv8OoOkOWm6ApfpRpG2wfZR-dMZ7Csh7EAl3gHVnrgpjWU1gHy_fI61PmY5KEszCNAtkkz6V24cXgXhZzb6kwhbSZ5RiZoTLHrmjnefdEhsxUZyi5czZUqNJ4jmcNFYaIHfcDd_fLXLjST1tUyvQQjjnP3rEy3adak-v1JWkbpho288hWpe1dcjvJv5iaKRHnzEA_gtqAQhDuefvluMrYhwPJdu_M-A=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=3fcb3bb183494bc4c66ed95d14b539b31637066145&psp=Jx7qY2nfXNkdq6TOlK6rxnQuNx19HZjZCEyPRqKv55P9QYpIhzpH17gNn03Y1BW6hPHW92gKFFfUTaQ_0xjkPEodcr96hyTkr_B7SzQZVVPUqUiDGqeBfq30pw2G7Hw5hoEMN92-oyFyTXs8lPsqPT6SUgzxoxYsdZJYQpyexp_uB6x60qJaVE3lFgTsNaJInFiMdesjtes1d4W8tjksPMh4ksqygZjz5A-Dsue8BJeuYilvXS8PHEWm5xG1scG2oAyOlTY3U2-XIzNbKuYiu_EcsWnWvMaZGqOrhB6JuWY4FCwksrBXp_LiuIxYQP6DIVZxjqpJtcER54PDskLp_YfTEEaFpFgzSKtvDpgVovT4qRBFCZcqYpQFh8C6R_wsmulmJJEYFmuYGe2rkwyhVZb28Ko3ZDhqxbLnVeLRx2hGJi9Uc5NGrezS9KvmgH1ZCo6slNahYcSrRrv-9HktKzo8P_sNzobfh9ZLT6ua-ntBM4af6Ruep8hIcWFSAzhtqF-TgrwNA6A-3wGEaTdXl7oL4D9TADjRpe0M-XRPVaDBNbXVZMBr9c4gR98Q2c1NUgcbcW55Y7U0IJMV4AzP7aCpl3KyESgpE3ER27I19iSo_cMnOdWDaX945U59fJX14ekWyebz5OY9uu-Jm68B9ssBKh0EsiznqHk8AiGTBzp0RU_E3oS4QTs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QMTtJuawx8QuiZH_qxlrtb4gWqihRlRWxcYFOZBBX-WIidixRo_O--2wPBohTpSgesJw84cziZr5KZhP2KBHRxpIVNPrKqU6XOjjcF-JauEmPy-0qD0uM5yygB5y5xAx53w2114DGKz69JsK874M9zPL-IAiP1nVz95HJnESRO66fOzJgHRT25a8UJHR37rhC69lfjvcwb7jDtj7SyAItoEsJpPqAonw_dBDXqCEiA3odTDSIvvA_Z6MqwR8I37PRfASWWzoK8pYI9_BZDvMUrhpHEGmd0LBxFrLBIdHzC4i9eTuOPkkR3539VCNZRQhwWDDuYCn6LJv2kwETVfye3gc9_qedlGc7VQDGAJEznxQFkMwaSbLiYC9ylaMTBQjXh9Cv3fOW2L7oDGHiSQ8cFZf4aZA7W31L5g9KZ-bqRYcuQ2pLDv-ydLIaH8_lDud88lK4sMsFTHXD8ZDKczljdoZXEasqtrW48yER21LEDbCCTbfDljDw449WZiYG31ua2atNlaINuCkRBCLuS3rOIjzgAhwxissl5SYbdooa39zuDpq-8maVf5GJlwdNvPQHNCj7M2e_UoGt-ZAl9t7_S-vjYUyyqKhHm9iGPkdKo4-e0JDSDT9NgQPpr9x8nBXTcKVeZxLlCf6iqbo8_ANSoKCPgyO4ZL5_myxICmRQ4v5z7Iw4jw3_nk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=pVTJEPk2bOfMLZ3OmT5sUVOjJqK_56cTzkxkqjv3bSTUnBuKo52du3SOCFEPB7H0UwMiCovBw00kGrE-tMlRwnOuL8EFoE_f5DStoR4W9qzM2aYwIe2BXDQ9jzHp180FVYOyps6n0CcUbq5jPZqPWLPng4rB8hxQdfqwHJ61DTFc06xIn3Lt7glCiAzXDsNmteP5LtKQ0LhqMJbfq0SkdIeRR9X4A5mioTlVvcDohUUUV1gNKMUvho3bVGc83LH40xZ9l1gmkzqf-h7EFL4dum7Vy3cy4lrDyxBgRu07wPrN5TWBpqjD_wn3G-6xB-ClSk6IwHuLsA-s8hqGJAMcr8tj3pFT9B1SyMC35U1N1mND7r-qrsxZINV0LwN2svNWwiSAUYUqM5BfFC5iU-7lD7vTPq1gyIn-fB2zccQJIV3qc5zp-zvrDEkjDzyo-4w5PYpmELoLiIzUEY-YL01Okri62f2YSa3tjUTUYbDoPnqFdqPOGRez2nXzlj64L-sqf05IqZFiWj8ocRlOlsz6UiQeluf4NZ3UnJGsoE_eeqoF2QjCUNIoUBxGtJC0Pi_YVmwlEzVg1FtBzSFf_YdHkfmgXnIcK5gTx64B9vq85CWz7MFVFzIpJ73SlU6rQhjr1OxEFdZvyKteUK8F84h6Kc-s_MWOyJPDXS5aSHzHHlU-ePsGd7Ona_s=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=KDso1Nce5HNti0T53QCYpiFKfrqI8GZ78RSkDormJ3oknOd_cPLzVrd44X8gfgYKUA88zkbiPBJS9z49vqeVTkbzwzvJQD92_AL44xRaeAaVQnITJH5y4GKUGUPFsP0ioYAetCCQrjuy-JlehZZCodjHvhFAFqqP7SX70HAX0xdF_Oap_pG6YvxCYHxWzYblTfJdSXO6CAO7u8c7N3h62vVSjevpIMaJ0So48slS4-1nJMeXldxFx_Z_2Miqn7FvRzge3lPsjv9_idfPu60_k1XZY5RjKx62URCqkqUwIMaq5Ay-Z035jcoZKWh2Iru7CnneEbRtecCqhJp90w3FnvLcBXNpnhlTcIPH-_9cOt7DhVwrH3IpHeTndzFdUI7VJ4_SgVmGSHUsPQJkoovNB7Kl9GOwSfdiERUtLJbV7YV8ZJZRub0RzwNRomIe8dkkherCctJyQuFksYC96J_aHbFQy680muFuu-tm8GuGOq7c82xFQlTR7tiUi82JHXQJklYRcLcc7J0iJje0pRGlx5nJcUmjK4jVOTGNDSIcIkbh2lbMsJuB4ybImE6SGXHGQpQUFDPc0peFzkSwRckjikJyJZ8sPRAQgxEogd53klG81tHWV22Y5B-FQ88g6uD6PHlkjvE-tGfnVA32Mkoic58sYI_5PAlB8n-cfEClGNMyblACsirBGL0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b15d49cf6e1796f12badd90056ddb5031637066146&psp=QUecyKf3fFpn3n_23df-ihP8TUBNVdx53jUuC-BJUkMWQRzFn43OoyrdJvUMNKjMQKllo7-VAlkeNnc0j_CuUasMeNYR0aaVscukBQqnT7jyduUfL_qH4sDBan-_zlxK4yDPG8SCO5sim7yU-bV9oREu1dyjW8DffBY2eVNtIy6FsOONyhBKnwtQd0e0EeIYxbejjClM5TAGf47z47tRTftmLHZn75lu01uZwfLqOuu4ErSyqd5U6o6L2ABlINpFxqv4EV_Qe_CR9BIhlLPIepqeLr6EeLhWBlvtkF-AkaTfRc2q-tXC3sMYC5ngttUE2nuo421dNdmFlkaH5QxAzIVu_3SNxIXJZ5-rh1ngol9hp3OgLigyeVy2Wu7Sapvh-_4k3v1hd1dl5DAO2Kz5C7d-pcbscL-22SAXbrwaSgulaKh0wO33O44P_eVE7E8tZX357MVrIBZu_H61gHL_4TmeSbdZqLbDSQLcXkI30KHlBuPw72l2k8lhPTY8jm0E7gzH4wK2SbyFb3CmRhhF__ew0M1FSwUTV2nNRyruQsigqPR1ty83uHxRDeIdQWpNbrVFeEcqIEV77qfSvVDNysbr4ARaQ1KIrDe8bBWzII71FBa-MZhuOGyL6SQA0PQmhM2xfQC63giUGynXCxJ-cN1P6_vllCS2UQxhbvBIL9pNFbC9PHJ_utY=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=GEDDGkkusLEUSZzR8MC_9VMMYvrEunl-Pd8ezsiJki2h3KchmvXzJNNpRrJgKVk0fJWaKHJcOuMiYkpUgREdYgoz1uPVsNyuJTyYAYJkmeFSPUnnjrfWDS7It_5yyeunCYFS43G8WEm37gfz6EmIn0c9Lk8Htm2evXu73g6hCmCFJuOTlNB1U9WFpEUbOWwDBkEa4P9_5gjdwXVYaUbN5sRX31UZ5qn3-8LWjCFGl0E8iWqxZDPF2EyZdLVXStFLK_B2SfNb_Xj0dr2CCvsCgczPI60J_RZuUcHBAzQxlU-EEhEw-bSSmrWUruwV-mint_DX3YYZBLNhE_hCs4vm8rkW-7mXtCTjySGCd9YYYRDu1DooAw8kiMdT9R22kChBS5fHMGG_fQwGElqSk8vh-UeDkgBEZC9jVaR6m7oF-vnBSD0v2im-zPLUk22knRxYlh-_4oeCiuHD9S-zKQX22UvN1SUDXpJEe6WCl0AZCQ8mH498ybe7wsYyHhgB3wIDV_CrErYTXphKcvVGs2WohiFV_vIhypB8MnR0xgie9M55hgaHI5dvny978L8a6ISgpO0HW2AzSLEH7ot922YTM9NSHCBkDQotc7iHt3yvaIQqXzLf9RTs5SI_KvpJfdRYCHSUx-IlBc9-yUz9P1dfhfCQgoAk024veLxZEPm37T9GU-3Rd46v2go=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=k6w6k5Mp9v467ICUHPoci-OT0rXVr08LeHZWIWHJT0kZTi1gs_mJRKPLIOtjerB7_FwwEyN9ywGT59xuO8vElIJBh6VEpOhWmUhRtpe6cPr8QpICa7mbqOygOnWECxiIRk3NnMP7Zyj1ZO_SrNJZZ5_Giz8ywvfYNVyKBsMkR1k8dyiS0isOR5Sz_Dj-hcKdFSmbtLoxpriShmbFMiWe5e4iXwhL0f8AeVPEeugcEqzp5kSYVyGdYVELJNEkccpTIaPaGhtHxzyUN9AzIwUIXekAno8DYtpkAzMWEs_Noqlwn4KEWEPNEsympcGGF6WFHWtVLUxeTOgQl0LdIGFvu05tJNOHjuFwXHmmHVvoJgwkn31FzTLAKViCqAJz4OI_pJk8DNBMXWHft2QoWI6IWt3f98xQCWEBBPayDJaEiv8hNRqqoc5ij7in4ZgJ7wwUjy3NoLdOcLCuIcygT_fXljFL4CEiCEwpNk5JjMk5Xj1obcYsnNypbnkf7xcQLXj3GkWYb_UudpCzweNT8-TLTPvKPxLZ-k10F4Z9wlVNYULRxyQDTiCvo8hkoiuFktXjjd0UXsTT4lL9Aojf6k5ZTSLe0pskVxVKVGpCXxXEYJn_GuiMRWcOWMhNZcCvIo1etoS1NXUGn3f2_PE9tqdGO0_UjEtVFbfOGtol2YCmAkzauqG2RB8T9rw=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=2vtIqzUrrm8c2IFsOkLOhjLdVHyGjkZr0NK5ZvnA0RNdJdxtsTvLw9EKnv9JDQUOxhfK17Lu3_WCRwaMd_a_hYJNj69E8iWZP_ahYaGcGOIodFNVCmI55FWK9ii9rMsuVvvyLutvfQuvNTVq7jGId5PGTm8K65HpDVu_a9m3_ojhrqVf8XdnJ9TqhEiv6giSt6KQc0b8qcubh5yLo1ZQy8mPgKZk8faZHPMbYYhNPRJQBxUe6h2oRAlehNJ6ckzuNlbs2Q0DBGBv8GGt9FH16dWWi3tSCy2vQyKs2LLRVYbYys1mb5jUJUGxwDJ1kVsOakKKUkuFsOLFhdja7CbOoPp5wSSBdE67K0Id3HbCQEndYFc0x-JBon0DRAtdHGhFV2g9ht7oOHmhynNcASGE7J-qraJjaxIjwMFNo1A3tOFn-2UfleBn2Zv_IC6w_5ALCURTA_bFxeLKl5LwAwLNTN2tnLb8o64tmnNZSMsReLZEGQg6AQr49qFgp8y-Cin6B3lxt2txhyEf6i6qFQMiYLpCvtradrkBePmm7ikG-cjFaFmNid8Mdz9Nn7sbKgMR08w850_yGEXOMvMN27H6bb01YCACCHY-LuxXB16z8lh7BlkCx1Abf64xOXMgZPj1xC7Az3okrx83t0RXBT3pSBFIJdhjzIQ2UabAUseKuFG396TfQ6Rw3yw=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=65ff9f5eadbb52aa1c6bb47a86b4e9e01637066147&psp=eCnreg4rS5VwfMx7T4NTK9deE2fl9RPs9Ox-fW9MOj0lGMtRcaT2cXSkNpCHHK82J4aOYgMNvYrezsixZc4jHdPlVdI2Kzwqx4Yxvf85lBKAZXmKiWRpDBLOkgD_cRu378C4xIh_qkW9eurrznZR5I1jsnWJOBqKlYDoR7ZWT8asClLrxmM13wAmgrKF7VH0y6DlOtm60JSdVa6-W9t9ZtYUW_eD4-9VF7i9xu_sINX7FVEVcd91-cA5tZXL2QX_62ZX-_OVSQVUEzO7tF2QDORitKummCEWC2WDuIxy3gmWpS0baUctqCibwX6JkSCrKeqRm349gto24_uAj1KfZ8xqbQxpiptTztTac4phinM7qUR7XgIoIu0HJ-gBZQQOVJWTSEQr4AiT5TOtIzKL3QNZlZYE9bwliUIinOADXvk_O3nhZbsff5dQtxsOQveexBt_up5dcQuluK0AxP85roXKAMWIs9YPDOB3W6Wt4mNkjIZWA69GqoWRlpUyJlp4Tf4b-bjfWbB1cLQz9LloeS1lD5nFQ1LROgJ08d_mtaCB4iLM5gVNevyO2oRktsFSwBLDu8quZiG7bt1uNCrZaakG1D_o3DpKz3mUGD4rcRSrSDKEsGP838ZvtEK2_-Jl68jCfPd6gS2tG81UmoU_J17Eu5hsjR3OZNOTybBQUFYZC64AhSMyG0A=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=ebLdySfNT2CnKqLr_Qa2DtmDrVitcozUmSJAVCsjdLwsXNyARr1ziZIp7YW8O6I6r2ujR0KC8pCjef95K0FqDzUd2plPxujoCgtfkiHgs3YMtHCyPV7ZxPDO6lJ-xQMrdGnkH14by-yQJrLgkI22ID3kDC6SouZsph82ctKMZaUifNKaTyftD81mMi5mpxKLCQ8-ZVyOss_dsjgNFcihSb_p0Mk61Zu0xCY2IFtORkEtnJKSL0HdB-Hn4_eM5u1QFpyvaQ9R0gZyAzMBMJzOGFA0rrKReBsnhMyGAlp5NEKMBNYTOSktJVROJpUwVhQZPWCU03Fu3CiX-sOvtlii7ev6UdtvnvY-WLjpGYVRGmYA1VJGhao9JUu2OvRMh3Mmx8pYi9oSJQFN1SzYPUMzWilXNuK-2ld5O5TBEcpUEcn92zXKjt_OsQq6JbQ5MF2TWYVOQAZZTo5BFhHmOfZfeuwdSysPeeE9GLxDtC8VSQSfs9gCvvTsbn6t_KRUfr7wjhjnAwQu3NnODL-fofoxlsNuBXzzmfWaJCJ3zt4EvNUIfPHUlW0QMzxVZxRW0kyDmROoF2yBLUZMXzs45z5h5ZBYIbomv2wVNHqTPiKtYxnNL7jZq0yPf2Uajzq4Mp0QSoZiBuZCJZTI7D_PJWeepDcJhLrdsFw3Vp0ImxhVIjVhHYupR-b_uHs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=16028742d091fa8a88abdc7ebd800ee81637066148&psp=Qn13FUDcexCwiDvulTiBS-hr5pjL_ujR3z6Oh6i0YvpPZ3lQwbxsrsrwFvONyyp4yYWfHXivoTCYocU56808ImMRpafnROcJcP-7p7k56X4_qiO8C5oEW_eQsaQEmAZu3PYxyFbLpbIKDLqGJ47EE8mA9uQwcfVgiqG89iYwIXen4bYkTu47n0LpnkMpyhODH80ycKCefH1RhaYodmcrMqyp7Es_A1Mfs1UQu0Fej96w1IgrPA2neYYukjwu8XlbyXyWO7Vvd17p1eCBc1L5jchOB83JQ7dNRk41pj1ncHpvmtOH4JZ1Pekx9Hg9t2-157g0-CkBlA4mIhus240C_TOfRifZ-buunuh9Ab23qZFixAXckegDC5I7kyIAIfOL2qxR80QbeiWT9DzBBVCnU_fjQhtkFQnxwjTpOmCwSjG0bwwDiI16moCaX7QPx4AVdTnJ9rjuMoNjvtFrFmJyKPpgYd1Fo4e78C6Y9gAdIsrhCZht2c4Kbro2w-Bz3l-aXRDEopAQevkk-SByohFvuQAllaJXM1ZJb6VRhQ8_cEaMH9-PBARl4s5Zx-tqHFuzEX_2uI3w4us7IjtwN-Dw0oIzm00dZcmTXzyXTHeEeFgHk-QbTFC5mqRjkZ9Wu_DuBpmXW8QoksIREdsHNvsjrKBB6MDuDRrXB2W6zdGl2O_HOTqILm6gerQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=vIDnP_xY7b1UYUnfJFiUP97LJ_vnEFHIwr3kK6fbGc3uYQFt0N66RQCrtj3R3Fo2OvSai5sCYL0DTwkv8sus1Oe8i6eYs2UPYPlyyYWD2aM69_5pc3OJJ5RFq9x5gwd2W5lGOgf9bYF621YB97EfmENkwkkysAa_5EYZdIhGB4mCrPuRLnM_-4v9xXke6d3IWv1IvJgvMAS9Y9OIQ3ygvqDBL6MlX1-nC-gSxXhtxQb2fgEaYxuP6C0P6ewg5TGYG4XzLC7YP-MjhXCTbMIvR-6hoaJCvvO9pZmTfho3d8q3G0UJGj5mmWQ0Uz8CfRLfUsb_hCsDPCuZnk_ZJ-9LTrEragCrV9l3_PvXMJDU_Ihv6CWaqZ6L_ePBqZEf2uircBmrUtkA-oDW_E5s3CD28gIiP4xLdvW7NAXZqNl6YNLR9nOu1p_Lh_IeGl47g4zGPLoa4O9TqnQTAIfXmNMqDokkG6pIf_x4DLcbp5Pk0v9hRYrJqCM_PHtZF_PHZmG-CRVoCfi90vz0re3C8xyYyuOpzxltvyRvDoDTLnCOJm99EgU_eC3OFQoriFkKHtiC6i1Jlk0tSjCTgA7SafOcAYY1i-3d7kR58sRBCy2SvviOLrEXW9_ZVbWRjaUtpxDofa4OOmyTPDlbf_9E-Cjs9_MC_M-Szf-AI6J--YHdeQMNsuLdV1mpKNU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=6VbHsCA45BoVSGWftLUGsihPT6-_2C1mqp5idCEeftQmADDvOjxySvrQPkEjoTWUY4pplwpV7PIpoZU9wtcAP4XLMfsmFmfeSpbwV8Tap6PGn7oK7Sgs6xAl8VZ_kM0riaKMQc1umnvbsBwkgW_6jCNAF1MoonBGU0bisvAAlMEIANJVkk0YV26uATYmb-pfYsSXUCGjsTj8VUAa-XsBodGOsR7RMZSdbZg9pquOpF4UAz1LzCZCk9WTwetdKlgEKwen8Q6foMIp1zfh1uoAu0IdJMPOb5KPuZyvpOZjRFzxWLm2KiBsGjV_c-qH-vaQLUpMjXWdqQuAxc2LL_AlLhoP1bZBGJFxjznxMu0o68xh-hT_JHKQZ51YgC9_NTACjEph3LgXpEmVYqjpgsjfWybt9c35BrVBv4IOzPCftgIvay1CZzOV3UorVqVuyLDzVgaUeGrc970hJ4_KEDehysAt7PzRjNat8dErnWRnDZxO0A2-IS6aO6uTwXJaaHEur81PcRYCfWXGC_VkzZwNQM9O2PxbCNJpCtDIYWgNkkrGR5YVCH6XLze3cgYMEZMbexvGfOCrAAmyze2ZIBY2LQqLMxieU8-IqpuZoAGwkAFULa-MyLRGgx-wV53Jf6RjDK893ATDHrmWdL9gUTOIiqbGptxavN9wu-jpf816i8DbzeQfoPmwT30=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=91mmc3o2hu1I8PRE1FU-_Do1hH657_rESoEednLSqDpQeSJrxokmAVDMjE6CWDI8SXJ8l3_g0q6NY6CNf-3B83pHCY2il8gAxoMV9h4wFGrOmhZcWIhyOIumi0Lfst8flvdN6SrT4dwtPyBrTjsAEdYNfKj9xwfOsrCtmP082IhK17a4APfZCxJMH9WKkUHFGZ2bKUeOVsujk6kNbw7qv4EBYRFMgfSHwTmYdBNdE13aP3RdnSpxVKuAKDOHP-JOWG1DtaQh4drJnUAdbs6lg8Cwxgwy2lNTZcJGlEak1uk0VP18Xm_V6Yhm7M4aIMgbVxXLgRrzwe8vfqkxaFKqZRaqduqL78Het2yggQX3jwm0NbERONxOroDem7F9CBRO1rlSEJUqtEoZKvO65H1QFjYz_9Er7BKTsPlNd3-14AC7IOcFlzFbNfBE_n9uS0kM5NIu2pIgwcTj-UFofeWD0NhgZb2MCZ2kuuDSQ5W_f0lw2RaDbYXI3YEP-SOBIsRyFBeqy67a56fE-hqvVKQqivd1c5WFZvSXq5qPx1Ysr6ICDIrGZk7owm86Fim_1AcVZ_v_exbwO3xNsvMGdimLjix77lWzvd6voRy9Ykq14CVJssH_-FoT_khvudm2O2jno6vDJQ-C-x2wJnRmL81I1ihWJQqWrR25E-8T_t5RWtJOBhSDxJ8RDD0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=mUbgnCDDHlwpxx_LsLhG08gH-d8ITkHo2JrasPKZ6veA4uGqpLEwy2hEZEfkeQzvtjuXIRr9G1TA9Ac5zEbyQ7RcGaYzFIPKay9tN7ABREaAbNskpjXpsiU3LUg-5CrfmwryRunoIW3vu5M5qo1ghgN4ATcPHMzMMfqH47hyxuWs9DwQab9dm2tG2cOknjUTyq2nLx-PD13zloBAQfD5-PvY-W1_R9J5x6CFK189uqBu-7SQs7SR2xaGaMeAMxURlFZ3LtgFAtkmKwavnDLt6IpGnY0xrEcZ9cG9YNn0vy-TZ88-rrQpp4cYHnVzFbusW-h-RI3SKlqMOMN0Ab-y3V1iwnPpbR6iN8LzMMavoO5nS-10VtXVgmNdVYwxBce23W8RPSpwxiuuLiNRvaUXMylUT6StnJBTjDWeG6CjCRcQG9ZvOLZw5nqo35fgAp5G4wpmkfe7LICnuwlkTJozddqMzhfwsmLx3Iaq8TUMHbIXfUg5ekzsDp8pd5A871WPjg5G60DTQGVakvNikTLzMjh083TvRwqiaw7tAlZFK1yJvtvPtA8ZMYwX9JmNzSmHLz13nR86YPmTpfgLyZSqYEZUk346T5OMKZy34qq1uXMG0om_AwgCwZt8Vns0VD1uWzkJrZguAveM9BSz4yUdkWK9v8jImUpXO6RrDatMyiVcsSsAU9GOiso=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=a3cfcd4927dbac804ecdf910d9350b801637066149&psp=fjVEpnqxkOIJ7l_ZdZAUVXW5cab98TKJMAez1CNGlF6tf-01hY9KiCN96oN_6Nn4t8NkEn2WzHl5EBxKFcwmBOJU6mT8ocgmnC7PE1ddj-4yi1UGmQv4AafbKSPIcOLXrJC9wG3G_3lteGAmUToITzojDIVN835Lgldhtvtwqrg22RYzBpNCWBWddK0k72NE2yuxGZ-5G8ffGtciI6y4tgrwj0AzJQx8injjyaZSs9pl_o2m9yHrDpy_k3l_swHhSr3CUUHCr0MAP_XxQiQNsp9-7Bmy_w_tXzeDkbkWGInWALM_-DxVesnglobS_G2ClE16CtLglP_eqKN8NucdUBt8Jpq5Ju6YYdH-DEc-qTm5rtmYCez_THbYmdquy8x2KBZ-8JOUYcV8gKU4ET8iyQWY1lZ8Lgfyb7vqHm2XnITOxpohjclhsp4sqZqX9oVObtPY9NSnSAwOUsky0_CilHwT0ASpJv0pWCGMHeIyWAwgJi0V2CuQxVFjikRk8fxClrnQ6uIvqoKweYrLUVCu7PPt04IjQwtswQ6dweWP_Cj7e8NVPeYqDMrFT52bL6I26Yfzpr1xpamQwL2BsEFZGVgf8DzFlTNfyCywjzrQRKw7L_AivwgyFTeHK4ImcNe9MyOvOgJCRWVLdEgwJsnvPXn-yQ39ZkrQXQ2vxltwhypb0UkfvzgQrRw=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=5YID-4SauU8VyKlGH5bY1cnmxm80KtLeR6C4dRe0Y0K8IBnizv4WKdhQZf5C7j_nd0Vb0SnWr24COzKxYPiv5MlYOFLD4kZAxp6rQCSSLGZOe31zim2SpGWxn0SnfLOA5iM67SeHqz6WpjiVzzPo0nM0ABI4Dc3_RdyKBAHRtJGPKtT4mX3z7TxP-bsQSBOpe4Ngm6rTL6pC5cus17qOEZEGImXKO2y4L0a61lrtL6uxK_h2XoorD4gItM-RN_fPNWceYLHm6grnORaxPHFtZLgzgyEdYmn8hLbNjumMMheV_cx4WIfP-nwi03FR22S5MTL3dUHO3Rdx2pLtEDOgRSKRz6SBKj-YVg_2kXRHXvmdvK5yanz-6XI3Iybik7rHhxdncC5QgMB602k7xiVBhfhbZuI73GUPWhMGibfIGyVX6qV0mj1YEMOR133BoYgBD27V392_s-wPUm-9iHiIDrXCOWG-8V-EHwdwqgkm-5Sdx1JAs90vWzimQdRQR1MKS5V4KRcMrx0d-iGQPDaBVf_yUUqj02hCnHXX5X9x66QS3SYX4n2trisfjKbO5Rp4reSqBkXbQhwJGvoeuuO7U-u0S9c5fFQz8ySiJwFU0K2jpx5uWYsUt_LdjbqJ0Nz1u3c_K2raweJ0eGBB4ELitMkK-kXsdfig6535M003Ni1UB652jAzqrqE=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=OeBXw7A8Sn2DWxxn9v52xHy928y17qRSgw6gwK9NAi-XrOLrbVV4jGs-vTqb9R6G6lmtA59qUEPbMxZATkRVKY2DtA7bqv7CKTUQjUJ4uH7NHA9CQy4VGIY5qiEDKE1wlrNs0oMkKSnQOp80OEHFsiKrre7Upzrx3icTkuuCFa38j81IFhgJCqguh63OoyxJ3tPAW7MBRgYu08P0ES5o8CNJhlaXj_2FyytOKOhKBXJI5bd-MyzQI--80pJ_qEnNF2QF4789Qk2YBbbRB0HaYAeanrigMKMuBMCdBpm_OAyb4gXHI-nce0Pv9wukLEQHAJtFJY9bTDIczyBexuSOn8aqrWoC952tBpkTjJiApU-r9jl-lxQqEj6dzB-ECoY_7UDXARMRIhHrrA-dZ8t2sOFim3wH2l9vzjzWs34S6BiHjxGlFIcRjhk69Ov2FKVSKl8z65zvMk8Do-wd5LSVgsF2HRoK830xnITbRRu6gW_0urWyf0PKUGaHPg_u_y5nE0qKvu3AIRESy-juQ6cHtgS2kf7Y5h3ZTkyqz7e5KXtNSR8vE90_xeqIyma8khSBxsnE3ueyf373hhCpgN7NXB2khMPzIb98GjIlV36WT1Vmhk8jRjlZGH312Kc3YJzSYsZcGgmQzAHBAOpWJMidPaLrIFjMrgiP204HjjVQKZiqb-yaK1U6uS0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b2f1acd8a396ed8a3293a3f3a4691d641637066150&psp=ESszcBASHx9NBhEE1UthM2n2yjaTpDFXsJizXIapJwOK6ZlLPGhM20O_NpkyLYJsDscz_shZR92Et8fCoQSbmr7r62ije7y6o3E5tIF0T6MjHk84kNdfNSzWizvO1mtzH2WpYWYYfQphurpR1PN3MO1hH08iJU8MFvb4iu3bYmEwBQ0900otAxikwPVE2NlBNMrJ_9GoNybH1w-lBouZBpjZGaF9kb9Z-TIcfmkesN9Zd_LkHQZarqJjACgW1X1Z-MieJ80iwYOPghova96GECaFBPBvJrsuczGlA_RtenyAkbqO0K-_Txlo-jl2tSOTwy2DUz_94HOkn67w_Xp5BJq3wjOmSfYo6LGkRylugKIm-EEjePaxDj_JMovTnOQC8vNqxObis7ljnUULP9TLfp0xWditwqzWBU0uBxzONz_TCoDnbuZWvAEoVQxet3Xl5_doBngrKxXFtY_BjiCIHTBt4kyghi88l3EAIKAyD4tDBXwhDiWxz7bEnAH3D7EVClhoVI7uv88K0dUwnH5-XmPcdXKt8NSwo37eeBxsZKdg1aaRLVEezC5fAjMEoH97CERKnYTfL0RfS1qYnzTabeuA31eHfqVVpQBKMkALyFTGVNghFrwW8WyHyDzKnolDHcxGMJ6ukiAkA61U0XK4P0TtwiK-Pj8M1_yifcSZeRayFt7oaTcKQN0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=dthBuQFxM-QpVFLYO88qcaZO2D0Okqe-9YnCpKJEEglmTiSVcovt_A_d5ofAseUN7-RpCdX5btk4bxIq7d5OG2UMEnrGFuLayFXelAd6tUHFnAlrRi7R86hJzgKtrM3qlf1oXR0DUxS4WDJteHgyGg_gMHTNNKnNDYklzNSeGzGtroFn7dDhbqUIMTsZZ0TkOEyGu8Sjm5F2wRmz1FVnj0fr7DfUkjWFsNAY34gmAly5XOv09oletqljqPWTi66Jwdsz0QzGcWISWwChAs59x-N4TWecgqJW6h6uHNeZfxjo7xy5R8mHn7km7M_EvAp2qPQD66RehCOSVzibBniImoj7Nl94y-iV7BAehcfiVRX15H6G8uSIJgFarM9388TgF2zFzs836tOaEZCSDK-zO96_yE4e3HMfgrZlRboyQ0_xqdl4rl3yMGm99QGzxpZC_87XNEsCPEiFVwjA23Y7rVdgFRizdpEmPd_LA3dcFuUz0xM4-uIY972S896fbsowmZ4pp2zyfcAroTam3rZaAFCgL1SPycAKJj9pq1voPhEOoQLGN2PYGf7kyR6AdPLCJCuSE65cdfBiwB4WRdzEp13oUOt_mn5Xs5Tr51_Z1NuvFeX4xF4f0F7cXY_uB1_ICZx7mG6eMaly18You4HsF9gCO-xAdRh_fCRYhyqYUq3ocktXUiYPwdg=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=yniSpc3MeSt3BKVj2Jj_jxFUeg1VtjiX7VH6UeXSs2TPgGica33NGEag3HXwEG1jW_Ex6L9WbjG3ERaCbDigCja_iaJwSMSnSnptiySSN63DEYh-qA7S3vEF6osJXsXoX6KyFw1RTX-UiRhpF063qAcY0UpMgLICOhOlTIFvgNqlMY0Xo6rqQmKj9zRnUIBe516G_Ihp8qvhb1paAAjHQ6fBLVJA-df0trYBaHXg7H-2RMoJ-tL1LKzJiIGu25OM8sJ8Hzz5gRjWgUAmUMMnAw3MHdOTPudf-cwhTwjupQBtTsjVHOEFxvr3uzkXZxiYsYvq9ufwko7Nl-CgZhScjH42_ap_YZnsK5q26HjXPj7tYUl6HBtbPTJWlyzHQgQeTEonY2QL4nUB6x24y4re2G3N3j9Hayr01quz-UVxkicDkjMS0GIfyhwIdN37XStkuvE1uxp2Z_yZQTMu4fa3SiNTCwdSBMBNcj9f6BdFDxwiFo1e5PjhQ3YE7kdhnN4cUjShPw5uK6dnzHn9FADRDBvhq10AId71xUWJ6f_XNlBVOgOsFUPV2uP7AT8iQRQElxXaY_dSRUA7nGl8T6S-34OAA2x-XKWQbUs5d4plmzHqp6Vs6-NU98chCtRjBht8r3nFyj_d5BT8_1GlCaNNqRmRBjXvAarOF1K8-DBdfut0hHLVQVTxhqU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=aGqOoQz2tHTnfr7W8CBFUDXY3hp6UQl7UlsL-pqzdkZX40M-8hs-xsDFNpFM8AZLEpX6M9_lA7dpdbmBkPW0PJ4c95ZnouTtQvczzx5gVz4DHw569_F_kRgNneaAj5cQPte_Ip_s2piATAsQ6BjgdUFnBkyraRICdZUr4n0NLzfs38ghz_R12zPpcCwPCUdMxFRSS05b2Mo3Ed2RJBOrqZePh6lZ4S5ZuXoak2V0xL8CPwnL8g0TwIv76DcKMmKdTHwwW550xeeT_ZIljz8AyBPG4-pypsvqKyjSxSJdDtwRXOV7Z2MotDv25yuY0KFwF-lLjL_2BOQUAZuL0hrY3cDtt7N7CObRHNNNQAcbsrhYd1hrXv2K6lz-r_3Y0WPVDM3qigQj3JuhGDA_JCnvNOjXvkBk5wMBSYHKqQxU5YNY6I8jeJhtwNdPRuPtbbMfAULQTHe760_ob7VecL5Zrt87DsV6_CjKjdKjGa0QxEYXhBi6KGigM98opAf-VPqdIkeTwAC4hGE50GuPkCQ4xZgu415ftcxGMsFyMJifeQI9XiGKgPIOus7uUwiXAtPivqM5EEvb9TDddf5vA4L6lxhlEafzVrFgiVAYFbUMhzaNRaZfe4Ci0bMYnnNJpOlmX5HKBkJ22oIl5uvGwhLJKcSuQQLU337fTnQyMEVDjQCbi9-N4lAh1-Q=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=gG-xf788bAX1DGdUgCkCzm0LWW9fxh3ZOFgIYRYR9Ze6TvkwyX27niAFSFygdqhTR4Sbe8QnHDsLR3_iN_7JBTZ1VN-CnBn8NJ3O8YpAfZ2RbtUSRUz1gH22IodHcWm7R2zvzV0gGu2CE6z0bQtRs59mQ4Pe2x-XhdUH4s74NzvaCOtxFbVe86Y5oT0sVwqTasLahMV00GS1yNNWx7mc3mDyKYw74NC3nrIY6nPNc9VqCbZIjKVqs6o0d4-G6OyRZuyWrA8rHxL8aC59g5Y3NJbr7D70LDcU_b_V1NNQdAA5UhjAT4ZI9IYIX09rGPmEa1d6yJpzTXF0ko_fMR1zZiUfZnN5MbMocq7kjNq-GIhAzYwCPP4RLK8XJGgGjxHaPjGsME49KGtPeDXZPbaithCC6lLt7ekzJzCIZDQz40nJ6xVMUsi44hsvTC_7ghdYAKQ1_GjV-KjHC-h5XNRx0j8YlXChS7n1PEB8ldA_Ge89QTjQdIeI20PI-uk769lPtobJ4aNENt3603MVMhIJcqbZT4R8vdenkeRgqE2jbQ3XXyly0BqjfuycejeunGHmnnEEWqg_XbWs3gN0gTaazuxzYN8Ip_jkBuZI_qzo-vDd4WRkYVjADJxWES42tc5r_nvt4pvaTG01EsMenUAULzySdoBsH2TDupzCXXdhAEQx8j8VEeHTmo8=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4f9bcbf400b9f860c9e91d2c3568a4ad1637066151&psp=viQSYVShf7dva8aTaY639RFj0xmgKJU6GDlPQEDczpLgg97LufggV6LOBhdaF-BEW2__hn474tlXeVfxmY2tsXxDMvgsbOcoyw8Twcn0D8P0Y8QRUg0FZwE_B7Jp1qk9R-4JucBpIBWYVx-uMAoB77TOY4cjpxGvAGmYG9G2R7CoqePamncPoPAEbU43Z9BYS3fcAPzK4vutd-XNQz1GAe06U3Y65y6SDGRO6tw-Ykwi7sw47HVLrhrEqiiT4OkrzRms8S-xce8ra4KzTDKFtEN-v46AG-SxKzZ7hyhlU_TG6-7egOT7DrQEv8Tj_d29DfI3mr77TEdm0zhu0rXqVSZW3JVBCHQOFJFzOkdINvViUjEUCFw3u3Tj7oinHyuAZ2sSrfoYcskyP1BQ2xG3XNfusvzhoEBnvjmqyv0fzKwE0LNCjujHer-q2Uyw_JTCbGS0xV5q4b0YsipT4dSufcOaXef4wi5hSshfKe9M91P0ku7gEQE0vkzzv2WcWTbH2rRUM8zm7vGXvhWKBxV_jzPFpW_CGKHJ1HmrhGANB73kV53CK20vY5hypBDGSEni9t9mDSAXz1_B8c0etd6PIELpUjp3Dr32K8HuULhS6Z_Q2wRgYcBMANRJ-2jNp4qILrvBuVua6DyVgBugzBljbdqeay6dwCyDNI1FLckBWUZ93SvOF73vdY8=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=oZIXugW4UaLkL52i_pElYYzY0mjaGMfdhlmdWWOISf8eChyDRudM-fI56UYPeDGpx2YuMKpsaL4hl4Qqu85ap_LSwCDwbO15WJg3gvR5dBdM0VqPd_yvDDdTBklTY64yc3sAHsuYx_lRKvBYTxAfJ6lgfmrhfVCXFk3wdKWflKZLeQk_N8SbxBNplgYjfxpZLdFYzIQPUU26IrioTB3BEKM28_zaG7N-z84dPEDNIk4Rqs4BAcsqWGu76f4awXTgQOXKPRdjTLyI6cnJxKCVU2nIRI5Heqzc2GqKTpd6Ev7GcEeLe5CNwbKYfFy-h9jtRJK0ImpB2GQuSaemOD2xhzUSNEdzYw2EoyxjPQAmU16caFwiFTdmyZ--kbRDd1dxVUvJaJimVyLJ7R5-Zfx5ggM80AE9WlKoRdcCvYnFEnxI52zGvRYjBwotWzjvR2w6WzDnlDqK5eV0dlpzE4WG65yh9n1Xtditus6mYjAYA_5zZB4CReXV2PH_sL3NuoCxBXY42hUBKepMQsQXgeL7pZEYZe2_S3uK1JabmNfTblAfVVpJVnV55L7yGve0LjJd-zVpWzvtgPQ5Z04ecrJTHa6O34QD3WJViN9aYB6XoaBfYRyW-pANynNggvOM3fTdwaWRu98iMLRvsnqPtOMv1oAIVjrg7tHFgZlpHDDalL_V0pkYxtTABUs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=xXMmJixXf7JEDCniwgMoIv7i7KnKi1HblpWeC6m5ZdleAaS06dJjonomUmNK7uZrWnoEyLbRXZk6Kcg9VPZnz9hI4T0EVyv3QLWtIMqxJmqLW1E_9ATEqNu1AKrqcDzFZF3jDiOyFUOBnByPYtJ121SVkoJaG8nv6pIorzW8F3RITq2GpstNRVB_l0FNKst5HyrACabea8iKWMjTrMINXRI4ckhHQdQuklzTjudnqGv6xaY3Vruf75hvrTpCmUcd8m5VgdmU_eYwTzVKNWkV3uylV9C_GmO_Hbd0kB0kyB4HIqvLUwbo9pyCvLByYOXgwFXLPNOcG62A_rgzIu0GNZRnAT7Dh3Gr2ExZrGN329U-Dznjfg3gZPtH49QGfalLNIwC9-diAxCAFXma3q2mpTbP2yv7rfY6eoE-7Y40F02rYea25EANrPc8xQjKyqzH87YiIy80-IL5hZCAZG7u06hOP3QRbgdaimYZ6sJ9Pj9Mq28_x58JRTj9tZyF_w5XGBJ7E5Eq2OMLp2KLWhoBqSng9SM7RMtm89j2K0zJwANUkxuraNkVYnGwaospQVBmOcCUBOFMxizCePBa0KPTj5mBYmNffTYENpaV7qkYuYjULQIidbyiAFELclbwu9_fn0Y5ohsjXs_tTcYXpoiGQV7BARPBSAi6P3ZKOJ8G8i9Q0LTRN8_pmqg=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=1aySws-KrHlxAwlNhl3o0Ta1oMzPiLslBaLonxgNagaY3Ua4KquwlVFVJ4YeolL1U_zdOC2RwrH4NyY0wxEJ0RcqSi1GUW5Qab16efJttaResdLIhBrZPSS4K5NAhn9oK3gd_lXvbHNMkkntWdrLunKhzKEUpsU3z4lW1chZhtT3m-wlSK1Rq3tXtQtRWbJTBT9KGXN5GTCFZwtjWH3oMgAFimToDS30MnmTq8K7XNbeNGMKnH5uWy2f8oic3lEwDtRwG2Sart3zJCizu_ASdLuiIWw2IdF2q8iQN8Cz50dDWa-Oe2IjsEkhOlfRu4c2K21htvbpHCZcF-sdQdnA9Kpe0hSzMzUOUToNgOLRNz4lrJVDc1MgtJBsOVX1vrjcdGyAv4j3jgU5n6rB0yYPJ-VOjegojeTS_dZ-1xzPSH_R2VaTnXIB9gODUkXC28egSjSIGUw0frurp6JmKIa95xbZxM1TE3D9eAcIEfRtumAz2IbLAVZ-ZYjM87PIf3UiwS04rB01wutvVXkSHMNV4GC53dinNDjFLhafX49PN0y4fOtBFwk8UtgIn8wmgmSlMlAdKEj7aai2VQs5ER2w86DIZgZ8EQ1H_DjQeYyRmjZeeajJ2zK__7i8BBRuZi7tOmBGCTzD18D9kz5sIAosINmp1qgyEIDklNf94bdmw0iC1FbglYeixXQ=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f17d2444f25483bab1fb354d7f2582b21637066152&psp=3drQm42VhuCxhmspGaez5liI66jnXdna4OfzV7ZFaTbwp8uHB5ST3-syx44adXvUPS6uEaxdsGJPcw4xorqu570EAnLGhYqAlw4wy0MWYtDDVxMhymGr1MXM6lAMmTKUi_NS2r8nB1RYm1l3EIcJO_ocP8qi8pmBt3PGuvMgTS-isjqjIPPUi0awcD7jl-AGAmlHtUanqtFb8-qdaObfLcbfWTzEcAKe3OdBh6kEtfYcEUfP-QoJrgB9bdFJt-kDf7Na7FGiU0K09AI2BpmQOkD3yAVgJzLFHhmbB3CFeLavxwMpY4z5lyscNxx9qUt14r-nQbLrybFZNltAOJjViB4F2Q538BcpzW7x1aoNK2ZPOq8hjWLAJpvg7M041lC0SD9C0qfySYcrJOCgtQ-Lg8sGSGIu6rW4hzIL4IaII0rKlozbAK3MXTq9mwdGQqTQ6b0-Xmv0WOklgYrphmnkYgvPTF6MFHhssV9X6NyYDxyZEqMAdU7D7KK1_ZB9rBUZ47XTpRFO8Cd86AAjrlF0ZtPTKaoOCB4g0PKOPv8NeGuq5I_GVdurnsG2fZAf93RECEiX4xooYOZEh7MuURENZlsQV45r6BEtcdVRnGY3Pa-3IjFtP4_4N0vLYjmy_vZClxUimPOV9i2qn9L7wK3Z72wAfRS64Zlu6MsZRO5S9GxPx4SwCUPc3IM=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=3ewwB_anmb-m4Dh02GrdsZrucF_5zqo3BXigFhYu3MZIKhLJ2pJm6AOWEfVO-KZJhzsUpBzDJlBFQzEh0FAZcMuG83e7CnXh_fVyCZbKAPGHxCt493aLpmwRG_kWEi8eCt9VTlPFWxjPczc3qGj1G1XvaCeI53kcfF45e8T-4qFhNvbJ7aitAqW0Hx3-9rzbAQ0Z_rRhru62wbCUx2X35ETpV4hDeZp4xWPPkJ7Ua0tNlwVKV1ykqpq4-JJAzfBxtbEIoY9fkGdtEAOJv0w4Vg0DT7KpwmVAb8vgiV8MbpOTfMY1Kx36tGLe0VuXKuGxIn0r125GyFq9po6YI6Qc-QziyB0Swz2leQib7X5O6klkW_EixCy6cD_cWMfuyOdHHp_9i_rhm8ERisuf04YGHDWLODoHrquVO3mx_krW7YW0yJ6EQKv0jq1xD6FriD-LQ_BQu8nbPNagXcABnwPns_o3_8y8goGMVCIjI5_Is81BNLOpST7SnOKpeY0fCvY02Gw2fu58zAf-wz9PiFs72cs_m2q3qpiWL3Gdgn5Mz007GTV72PblEUTbViRPfoNjafwmhuuoaydiFdnRv0lw_S2YEk4Pf5LY0H9MikrpibPjE7i6sMqM8XVMMQio0cTtN5Fzv_mjZtHW7Ei6Q-eYzFY5inwIy_EXyVMuwyQcGnwOWv-jMm7pjeY=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=ygw7iTDR2cW0utoMmlZOL1vhy-hJPvZoUFYcgkDizDs5cqhhPuPy0Sxb-OesBG6fGz5wpfeXvAfJm2dwvtoGLlkYIEgA6ExcLYldAZ_xq-kO0iR4Xpv_6_ppr5H__SgQEBNMABnqC5GNNAGAWPbmBLe1SHwCdw0jEFIrccyOas8-Ci7lkMMLv2bi_CHlZJ_GXz5qIJPP9McuKwhurg3zZFp-C0PPu0-uVhd6AsOCDM_VlUpzoP7p219hBfoPY0P8cjSkRutfjtSTxjspk-i8FfM9UqEKvm4xqKkkfOswmRtK14Jm2na6ZLZYuqBrkcrY5RNZS14DNS2QVS6E3L7PaxJx3gPZ_nGIjmDClatZVWo9edXLQ4c6Pqt_CKNi9J0mb4ud2y3zpOKOnolhqvadti36NkobZhZ9SUOG4eQdW1p3fZu55KIG-sI3iVrjQBAkg6X7dLkw0atZBq6cWn5NMIAPklxL8d1yrUgwnjcsnmWQGdEeBz2NEk3mzw-1PaxdQtxw1wbJkhOtuD6SIzuLjTAXnUUKrn-LLKq2g7ldGzpcae0OEBLzijG0sKbweO6OJ8NiZalzPky20hWmzwgug4R9RsnozG4HVFYUdxIQvzWfpaOhlqnapsiqPyahTo1ipLP6bqToVFy2t41qtNYJUhhgcdJGRiI4D5MydH0W5BAJUaRF3Co5qPE=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c6d82d4c508da14c546e8a3f86ae07921637066153&psp=8hYQokNm3uD4yumcL5cberPt8OyV4w9UD1wb9XMoLDsKdttL_PFxQmzdOZF9p48-wZ60_K_PyBV8CMNC7HyhjT1QsqrvxQpjLs1DBxQJ2Czrkyc9BS-tcnfGGq3F2Z8J_ibI9F2Bl7qhu5q-1c5jJpEgw8-fKav1kMq2fxvW_NPzhGiH-fJaUWmVUcaYEo-A9cgVzgcnilBGmJ2ThL6HrF7jhSszE_XMdazuoo7u0n82tiwbYsKo18bO-8tQLbRSfBCO7D_zHQrq15AHcLCoCCfTUSKfQWc9JtkHtY5rvqR3J_BATQgjJjFMwN-hh44SKCQNJTjg0nxd1j2l2gZB7nJ7sq5bPvAr2CLZs6p51kX4UbKFnUHqhp5LpHkhw0aPBFXaRTXwbwWl6Ho-LLeKQVk-mSdPYeAFdAfR36bNmu6F57bZ3f0X0I2uNZHTxwqVfXyGQKlh0uZktTvt7r-WZ969qRq1iEYF_KHgIs8lPRgowkgMsCXUJsHp73EanxQxyhNmiXZXZBrXrwazjbWrMgDCqnC5c8FgYHrmA9wEVpenqRqLz5rdhOjWXrqECUYDUD3M5KhL63Kk32ikw9Pq6KDnjjW99oHCn1RPf7WD2_kx-nOM191MmKxKPrEQKgBlwEVYB7acR-KFPdx-Mufm8WMulQ9a05j9aJFKlQlZMc-IxFTQz_Cku_0=
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=s4roO5v5OFwms73Ea7UOGPB4d3nN4Se5OyPcgC1--FPltoI5peZxXURKV2iUyKVqsPuZYku_hqJmdd8YX6NUUE0AWyBMxf3-SSPNRHYcTbbm-G2YVyOHihmlU96HzHy2bKhcBw43Je5Y5oOgGffBWV4xNXGSSUNI3MqZ8v2fRmRof6vsQfSZWxBBVYWa58NnCX0yH5qJt5_s4tmDxAYI3s_a8ojw5Uw03Sr6Xttnf9NRw-JdrsnUMVh4z8mUSHSiTUcwng7VGJnqq4TN92BQN9cVzazvsiNrdiSPPlg8aBLn7wdgpoLmYY4z9vEdXIXjiXUJLBtedcqflPYluXdabxPTbDX2aWxYtsYP5NupbgGSoUmbm0l5NU-deWt2_GXji3UoeyCbEKZVmFPl7g0Hgx-VWH55VKBkSAwY1tcfBjHOz2Xl2crd4kHWQP-tJ2y4P2sdnM8pZKzrZ45YDCAfo1hGyDQSClr0yXH_W5TfwKHpuTgwfHrNawjidmMeAzh3wBHmtn7P4_-kdjeT5Op32f4coeeXbfMm-FeYxTlUVEUOX9BihCXSvhXW0QoQRCOoUf9m9TsAUT_Uxr0DkjUptxc4cIrjOkO_xslxJHYELVOjjdLGUmv5ivkVoYpZcyicOEZr98LC4a4oqWtOpVLQO3KGUFGGSza_uBE3JrcYrtuRNAt3fldWqCU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=_fBiwthsAJfDhYnoWE9EtkYrnvW9cFQNMh5VqElEhpC6ZGiDr1fKcF3-C1ZYTD3DANQHZSWmitpkcafgtLA2wvA5Eduzn2da4Qr2s6IgZyHH5Y3LrA23vr6fwIl25JiqZNTXh1VWHa6uIZZLTBKKbOJQWASuTJPY6jjYIt8614naAzKA9ItKfQP_POde8mRAOm9Idy-GavO3SPgh74Qnzsap8vjgD7xDlEMD6L_ZgzTiu_kCX8ctYmzW3C7oa-fu4rx_QfMUDsW_zYa3EMXKFMSl6Bq9hmglWoFKGuF1sJF-wy2jH20jAtC3fyv8RPO-F3h_OwVrksYrHehhHwqupKYHNbu6yZO_VGS5O3mSvraoki-Qfq8wTgkp3k6i0Y2q2kaGbUGH-6NVtoFMu48uPNqMn14fNClYKahfnr19SWvKzlbnQYWCC3i8o4o2u7ZtKhlu_bnjpLlr9pBRBmJyqXRAxLrKxQjD5ybIA8_MPY_A_kOUps34wz_fFM_4VnI814i0HqyllIqPPrYxHQFKf9I4QnBHj96uKBOPFPnuNtAmrEyOHPjCO4Gp9h209WbLsI4_v6T9SVfGJdG4yrVgcGU0moeJyiT5_xjHj-gQ8T9nmwpnvPNZK8Fw6v5qoMpZrKf7voRCyZpxxkF0c0wfgv99mum8VHGhEGXHpkZDnI5CF97yCRRlWpo=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=VgREcmM3R4L3i6cjk6WpCi2Bo0lPu_EoAk9QDMkCmW8bfK9k5zt5d4-fN07S86kudqIvO5RpzW_1fDwOxAWFA1kF9dEsgjyy99VSvDNGZmjM4xSZLV5hKDVsQZ7sPe1gNp7H-y493Lzk7R-FQQn2KCLxcaQEg6tjSlvu3TKZFs8r5hjWcRLl1iimx80oU3hTgbPa-hiewEPVMcMQMamTEgd_eZKAm-0mNcEO9lkhIUTSxDxG3xmTDxPZ10b-eZ74cee-7JvK2euGZfEP0tSiUVF-zHE747C3xqlcroJvIe6QLeMZpWRWgdh2G7Xg97ryNPjKCX8mFsFdiqEVk8CrgphYBFS9CIqWPRfE1uATyjSGuRbc9MoQkD25-1Gq142MGIGbAeRwEjtzWnoQUA0sGcNpxMSW0IemCQ3uDePEHBg2BWHgTGeXXtDM7QipOd5XRhMAuYrAziRx_OUTqx5TEMW2_pcr1sS7vkEOs2h3SScljZLWfIi7jo5r_xq4Gh9XGVAARuDoSwk9roxAd707rND7Jid1UFuBxo2Qy1racn2_BzccyiPCm1MGe-r6KiGsnTAtzKQgoecMnOfiggO4vbPZGosGc-TlQy-VqBZrmW7sMGnv-NDvsTYz6PnoSMb70rj18de3mupgHc_QGjVt0ApxL0mjBk0FNycuslBLJnQmzCimmN_Sa6w=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SFH0NEQtLuZGVA5htvd0_otPed50J5NuqmE8Dql3YXYvOTZEitPWyqoWq34uuf0myUZoHnBy1m5bMjN6oJxPueIWSXWkxQJHjSG6cEnkPMBaOsWwtq1Gh32_tIQEH8iCYhVXg05YAOPwjE2P-K17lgARnjyoDue0X2f7tRhXySKkBgaxpYTn3xU9LmFzIRsbXNRjqdXgxJ_mkYeqFcDaaxThZMyqFQOg_m7GSPwS2pAxPr1UKtvJlCQTdQ5_jkFFH1GXAIpgaOdDus3le763alMdZTRE65rwDz6aTuw3gs54ek2bEEEBWqLrt6dTeh_fgOyk2LDwF4icD3rbEaHrrbzt8-r6UjRjgyXcaCKBXK3ps0EhPgAMSGb0i9wlFNzGbSIkUBRmqaPkjp6ByYClmzS4mA1-Lvnle4sOujMcFncHEdgUMTDDuK1m1tvL0wP_BytpkLKhjaSf0jPbe-aVuswJLPNkLo20QTRje1mbdoRfT0ZKoHXunEi-GgiidxFsTm3fnpmG6HdekPbgUwy-5hIsapVlrOqWnl_meFvtkOYJ_v7Adqh7ORO_ZdMCj-nNVNa9I1tx4viTwa49YL5D5k2NkScIe_v__IfyvesUiyXo7QuX99ercdyV3A2ngwQ0KkHyNwEhGROYjrcbbq2j1EUP-IRmNeG1St5Fc6B6n6yxsho63DOIE6I=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8f349b3410ab5698994b8ac0f555885d1637066155&psp=SoLJ0D_Fidu8gSKpAvRHL5KBkF8mT4tATj73LJqz85ZA626sioH2kkhUaUBqbDhRUR9DDvFJv7gBuszThMFefX_DwrIjFYawi-MnkKTHKoyaQ6Z-YgKauYaChSL30skRdL7ikpL4-TjIQU1vT6K5xTypp-UJq282k4orrqPHfBCbUWpon0L6GfWke1rFsB9vrfzMapl0CDkaq_p8PzAaDQByQCiZDB8zikWGRoAdzSqU_wLeISg9c4hZQxk5ZqMeSg07k2JHLn7KhDJVHiPQV40RIoalUQegWPRCudMT-FIuAwf1cmkXiUNLeaqUbagNM3u-k83sqf8pjsbu95AQvb6YWqcAUK1Y5pYamiVSO3YdJOBfi6RvTEScuPB_r_shz1eb3P4Jm_u-kclNqsXh_qQmK21Nuv9tymcb13eZd-qiCAWSfidEizY7h3heEACfJUpcenvaq3OXZgdd0m_z-Wl0eBDsZcN0mQtWfdEFAeVJIwzByVsQgpqkZOc-4si0FLatVWj22ULDMS5EzAU3VJ_478MoviwJr80P6tLr5nvGT1AF9C6syQ6bKHwa5cS3CY7yhEkiL2wqnEqxczFBM9X-wxMmorzSnD16P0snChBId2LH1hgXxmXVbziF7pplW4JIkOcKFkUHTWxxI4lmbSdm4fhspTN7bTJ-TR6Qs_r2JN2RVNX-uzI=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=_6UlDChAde9zgbzks38q2JYjWJ7sR1f6OnpOpMU_3Uo_DGpsJXBwgFXl3FNadgtY0vUAKwUlUJC-HoisXAgNdc293woZyiMT7to7VCv31u6SSYv9YO1GOAp6mVaICLbImDcM9WB5or25FPDUic46Vk8ZQLzsxs4fpwwDlt8FjmBoSfbWUbbW8eQbIhdej-gQjArr2fM5ltPsfYZrVtvApwjCvvjeZwz5455KrqZ7S5ak3rC4BqigsZrbEhvwtiyxDyCy7iq6BK3QvV3HZ6c2XYVa6C0dJFu0EHHJP10bbaS7k2n7Mi88MxrMVphbH9DJLVDnvKK_bpZ0EYzdVLi7Rx-aLtbtqbf-Lqsm7iCJBfWHoIEkojBsnv1MHFkLx47tVl0GkVQZjH_x59G11VrqRoCM_PwrzEhlIZvE9FyHJ3Vr2vf5v1dVE83Bg-j27r3d1OSeAMPc1ogh0Au4juIuK4yeHdjZk-bDx0fOFdo9AmLXpxtylulkuaKxJe-pHjOQBVRL9OrpkadaaXFH_PB9DoNfp1KaI3VZ81Zjw483PRk8cmFYvnBOF5BIB5hsCYS1AVNoaic-7iSj1D0mmi3rdhwEfD1qzPBwR_dodEmk9Cg7GvsD7cClK4NhkgXxzpD0BL84jHuMbkiRc3XjDSL59Cotatjbm34CTbGySJgZYWTYaaCymoGhao0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=fwXSx34iOFaGjTTPNTbIGMVBDcyXJNC5FJIH77I_N6KjrbDbv6_wt5birx_mKXMF-IGG9lin-sTYBxohIa7ZZSHwantJsq_Kqnw3voeg91Uw-6zfLC-M9pQu53LHQg_yDsy-CZY3H830JTnPNO48wEiIJB8uQrACAN7KuFTJBubfkoe5txS-i2hGdb3pT58NRtHMumzT6WxhE7QoFf8HsH91zO3iF6WqX511I0ydfTiligG8VGsub24cS-qeJG2c8MvWZTp9hPxPNOWIlEbaNuGsmfrGeEtyUPatUBmPC-BWly0h0q6jNzqqyUVHVO_nnOpAA4xmHL3S2EEbTXVktcJQAaCsd5i4neAtrRSxXHBCsuvV-nBGfdkuJC8x7f_hNfc8YOD0KThDztuPgQP9Q45jdey7yHyVgD9rbPUcsHcIxAdfrQhSSTIO-Cm1dxAwwYQP3akQPL5-pjVyok2v01rdj5XLCGbQdsQFNGShAM1Cn5r37aAJXSmHJX7wvlDRq8uSmg1HJEoBjQj0PoZn50t06wyJoTzYERBIcgE3cYagkdcjUsUH8242iG_6sX9SVrAe8X0OtbPycCl6zQXFsfolYWrxujSYk5pAPIk0TJtvdRMSDrb1CQRi6I82BNKxjJLQyyuV5P5wgf6oUAg6AsQQGj8z1FqwdvUSBeYyYWcehIVOZu887cA=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=7GDidJ0F5htisBGBM8v1-_oNmexgaTmwXACcAHs0EyZ7AfzOC-uGFkUCUr7X2Th3yzMTZdsLm_WVOaFBHcxgu66C2uA8BQQm_818p1yDryqN8ZQiNL6_dXMsTJEFS91UJqmyFK_iNWT7ZL1lyP0oTPK65e6L6j2CAzMWyWVtwcVL0kD5TZohgFplwF7H54xQh-pqrVZhZLpk9bLmNKf63eROgfeg5VtpxwIZbQlLCqaAxqLLvG7gv64MatIjPe0fTpw6lL-KCbGCYrUugKPx5sSu87dx0OoZ1Kj6_Xni4MPDffD91eJ9b3aUUB8qTFMsKHKh_F8jw1BRMr1TQv4xGIXm3GlDY1L1wNEd-XB1fVb89IgKFF1Gx2NI-BDXsC_N15iD0PtIrkSetL77NyK6llbLZt_byryiiwWlPLeOGSgHUd8ic6aKPp-BQUHiFpViw32-ky81nS7HWMHhZ1SPYSCk9erJLmWdQmmuf_WvWGVkRLCym6UZItI08tqe4tx5NgXatrhK7kcFdgvwKVPACxC6nEVkDrnoQlksu6W-yTmf49FDmIUOE4RsuLz0LoLcdxKQQ44IGAU0Lj8u7eBzLSTXBEOW0RxO6DPIaH8sdOIvhxH9zrLF1U17cFRsOPKCAxwjDw9udyAFM71A-KDcvmly3Owa_TUDvWBIRhf2w7w800kn5pFeXGY=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c30aad66d942ddbb66cf70f752f5294e1637066156&psp=M6Yl-U7XjHFJ9IGsiizSUEQDdTg0WUkwORfZqAyFTvX44A4R0_OBA0XFOhV5X9IhZMHoZeJPAHaxisMM5AiuhwxVeMocXzllu8lyEDl6kc65nDU9Ksc62VJOvBll_jg8BpMknz1XX1j5Obk-Lwcg8RE8npQ7CmrRRz-Pblf7qFDzj_bwPQCpeKoRXuUYiEfsruUS_0qmU93n2r0mnkIFbb0gv8zIaTvkcyXLEl2jFneK-FOE3cWf5jRGzoKIQR0M5Py5HH6J5wl2xNzN4meIcQMLANIn-1AlhDJTkS4O-HM6CzNGRk2aQpoLB9vSkIPQRx7Hy3Yoktz11A3AIcmJjMFJwKFg6ZVv7rLeaENVcQ3a3jSLzfjK9tx0uP05KvhnXZM_KY3Ncj7rMzVnx4pHbVH3OZuNJAFX-5wZoji1eqWJlIsQ7yV9WnB3geIe0e6ax5bulMIO5V7oPA3FNfn4X7Qw5_F78iws3qFmQ7OJwzZ2h1as4AP8bshI8YmaMnwnDZdyKaoQM68_SoXAhFTxP_QFr7eLJNdCaAi0Wo1FWVauJgCvoiOums_0Je6nSd-MhN4Zwc8fg3wkhphADUOJTHuVYqjCP-S7YVdsCpid7bI9e_MJFMKcWJ84gQYuryKcDIX0EcpSH7bopi9rCPnob6jO3uIlPcmoPYdtFglttwQZ2LWhK-oOiHg=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=HrYfgHuEVxvpKFO7C2SjFTZ6Hoe3DXLxiNhIzsjR7YMfeM3w8ncT8TlVE0VV8ifwVB7rvYvuDGMS0t74ce7c_JpPRQSsziOCc4ry0mHuRuknSS4eS4aJoOQYwx7UXw_WfFkeSeoB18VVoyoM31S7w3lE79ehFNfVv30GIV9OzZY4DRViiYYbxqJxEZNes4bkyq-vtx9DnxboCJqlq2ifrAUMyG_y45-JB2bdn2OFdjxNtnIYeIx4toWPDNwPhrl4GWb9120RGdewwwi4xGPu6DJFSE4bVAdw15BTlpjix3XR8nRjgkyl9jccIK2XjOlmsLAukyydADby90Y_CB1SqxMupsge8dA2rVinGfNlECcYBpcVyMBU6-eivK5svd41WVvgY7aVrxxp16l_F2LAA6t-USNUciMMUrABoiH8bK1ss0KTVbTkLhtp5H6XoP2U95653biSQ_nu5JOoY09-8CaFMNzgwL-DX6RfesaeqFWkDMCXGXQTdWXR7IjBrYzC-nyWaHWs3zkgXgd34T5C9losstmNVCBLhvDQMlnUff91WjyajBIwD5Yp-qDt4mKBXHGC6aFdbYUxFNS8QdZr6HJ5zpXyinCqVJIZF_W2P_GYWJz6Ig6D1j5grUWDzfmBmHoiW_w0yt0dIqQDf0UePPffxEUVraO07wZ1Uv5DQgQ7eNzu71ENWCU=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=jfQbcIY4O96wvmZsGQhgSXKn4zmLNtU0Zsv2VEDqiJDaXbXVJGgTwSxP-oIbkfg31Loe1B8-lF2AC352Qie6XJI1xc9Tlf4dAh9LWgiqcj8MSm8yyB3ZOz4U5qN09l8yhhet83DzQ44lj9qVK5XleQ2q3TuFomrlkLpeTBTJMMza0ESIgWsQ7SzO35-vnrBQkkuJxRwrEQzAtbzaIrTbi9BxdxeRm9hF1asMmbVbQdhK7a5f5uM2kXLLk_1TS0_RY1C3UEXW6l3NMTKHk2WbT37Nbc23k-RaeLDNlmEgTOa5DfrFqm7Af38X0tC4qq7ou2sJ300c_M_6NQ6Yr2VB0QYjT3PuMDz-sKr4pDUdmFL7hpHQmQgQu8LNLkTri9v083UgdpQFDJB3pLyn1gsH-VXXJWBtp5eECwqfttT6eTyjN7TfPi-JvHmerbVHpTlF1MC8jYvoIhflLh2KJaXxagO0UisqlUdyc455ZKhz6D1TfppLgwQirIf3rLxmSxA5YK-eNHom6tYTT8EHBtvpm1oJSBlL6JfEd0YsUsjeyc05_eMLzkyNktJ8vH2yc9VSyM0aeLxsFX_MCzPHxzxRw7W92ocmyVCcHAU390olnfnQcIMhYuwSMT3mU-Pgj1-5TS6DmngVxggKyq6iDb3xouKpeEe4Y9IDiDUdUqkSQgfAGfs51waTnx0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=dKknQnqHq8lCaPfvMiHUoV1Z7vyTx0uheKuZnjh8GrLH6IGvypyeuFsCFsR9OHfZvRfHz6ftI7B_ixjN1oCUI6vofSG8WoZZd7Tozx7yl-mxrfKqphfC87q89e8JkyU4Hg4po8XTTJgGjHd_6kzF9qyGet_eKNa9mbiGfXwGDaQ7LCf2ifwrc4xp5uQ4A3gwFO5w9qrLUmAXqM_Du4tyn7jsRjfo8_lm49E3kaM_5LEHHOl2_KwWx2ii0S8A7LdqNvToVR6muxKxOgFaJQrsQPINN58OLdRP1ovUMySpKnRcjVZTLUak5rB310QdRGAyjJZTxs54vM01p-vpMptTIlIyjWjzwf0H_6AF1thaBeS-ycx8YCZA2GoC4aqKBpUPGH2TDybiwJmRSRJALMEFuCs01evxubl_8U9Ux39jpRaY_k4ZEW8tKGlmwjqvhwKNfLRdm-oN5Ojopfr64C03ekKpIODefCHZ9afGIKuVms7p8cBFYNi0dCoZOxbRPaDy3vj1ZJVro5iE1oq0QUVxRabUg-s-nCpLPOLmrjJLuL80Lz8ozBi34pBmjln2hErTiM5A1-8JIc5zWSq-ir4NX-oB_f4Clz9V1PupsCr3KjC1WPTf0Hv8DNdKGOZwfhozN4GiQYRzOrXotcYEfhcG4vJgy_0l1Fk2rbIhqWrOSQBz9aoZu_ZAAQs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=bimt_Y583uDefAZgsGgdlgDQH5pMW_OXKY3VO7JJUzkzSPGdj6WICuIJxZ_rF_bfH7lm059JPTFpAxsZJ2Anjvn_CEYub9yRXCTZDFjykSUnCneHd8wjmLGfBE3rD87t2VYxOMMJhBxbg3ndLKMdrA-Qo21nyMSfiUkhBAv4WcP_hO8swGMBsw9zJZRJsLvkqORulzjHUV00wohU9wb8voQ9ta8L2Msx45sB1wE7nQufGYO7zmFQSYs2sxIlOBOvUUHiwzG_c2tJDsyAKOyYJRnyCDh03JPArbfh_vvlKY_ueqk-ua73jNX9MReZvBbQgMt6Z3B9yQSHkcO-WT-GZK3TEMm4JlH3Ay5ScFmp2NcYtzJUAPWP8TlaYh3Ya9-Xiq4UmliQitA8bTbWsfl_1UEtZGJ-aVt7y9PYCs_cXpJakehM-ECJ1FrE3GsA51iQveGwMb-y2vW73DBwy31KYsMFMLDFhK4J36tzAK-aRxRAhv9FenO1BDLkgChjFdJjlcSYY3XyBxWWg633XIXx9xCXL0tax59Vd_SCbJ35Kc7tnOOG82GT3j0mJR8Lb3TmcxagBK3-1Br9lQIE4FqRw3EnH2VPcCsQoqP2Gt1CoEEFBmYL-oRLI3t7b8KtqgQNw-CmM-nOaULzoANqACsffa2E4UJhyoygqkz-0GutOIlHG_wLhsZCvz0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=1573f4fa884912bc08bc785bf4530b3f1637066157&psp=j-fVyd24stYBygBkzjPPCpLqvAn3nBWfEgd_LfWo0pxuoFk4P2lLLe5KkbwMg4W57sQAmbg2dyQ3Yi3mGR5A-Kp67D66zPWuHpVMlA0aGhksoANgzoiP_v4XFPlfsBjqMWjkHRixxNHhIzxed0D5e_xaNOVejTeLfzJlVMk5nCYE9u2TskUjjvFB91Q3KUgjAdxArh31K5JACjsEZJW2eJGzMpVR16f-x5TnHwse8ED7wlX4vJf0n4UF-2q0GdVYHClLoCamc0pSBmmR-OzC3RPDyF2xoN8iFhffqQ0q2if12L7SWaEoZxZZSnMmZT4G0SuTN8-rWHxzGhUn00fRHPbmLBVugAiHRkaVNVsrrBIbnqQQE3ROzh2A2kJU0HkDKlSL8jufBzdRaRA_jeDGgb9HY7Xdtgjy1aIki0XvO8Av_CqSw0Xi2GuSlgSkDCAVvLEF6HSq1XelGw8navlJVG8fEgMcUKJ77uHEHmLXVU9XD8vDbxhXTW6-ntcGDcJ1EFm9BPKejd2gsDvIVQqzedbYcBbyYIGFTAq3k4DqDXLJvi6Y-6-b8-qNW6F9ej0lRGeE9Ykd6TXm4wRHVyqzhjXdp6UWgsOFLn928vyJcjcQr0qFkXElKaavL8tjqYULM4cPHjFF802eDh16ZSdnuYRDsSeqHc9ST7GXIV_rp2mD_V4w_0NpdlI=
Domain
c44wergiu87heghoconutdx.com
URL
https://c44wergiu87heghoconutdx.com/pn21ywqw/z/sc/scssx/1601571/lib.js?ymid=2111160535aebc34a26e2b4aa294d84b8acf&var=1541502
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=iXbUvZHXEAkYhEIaxoIosfTHh08vzDvDLuOu29a21GeE6uvEcqHZgODJ5XNlq6M4mEw1FdaqOnEdxnAh4RH4IV3xue8X9cTGcE8oHJb1XAXYoodING_tniAFvk7OKV8O5UsCxaPEAVc7LdxAyl1f99Tt_j_j3hpE3BujEbTqC5jfOgcSimEV6K0ba7RRdFreLTBjjoOwMzWOEcyfRSrNOEUJWDHFBVDDLNOnZwGjnXWB18MQmhJDERvZOT2sgpGEOuGe1D2PNLy6XE-orVwgm4bblUXWw3aKCyA53pNUiXTh9sDSW2HxakuWJJQq3vES2ZKEr7mPu7TPro9GOH4IQE4uOJdX6f-FZyyGXqcVDl7pHUz_z2EByxQkjgbNH3weE98Z2p0F7QiZ96qP_M-DHgzxakd5VEjZsDiDKrsEOVbtdkR65TvviLen35Tj-RU6FBmONSzQ4VwLDXxuyaNAl9WmBEPmcTlmDgq_oCRPhKQWV-sYDaecW30Li0tFT2VYK42IELXg8dMI1cTk2bYuIj36H2xHrsMRHCahp1S9TY2tNYNUiCq93FEe9t6m_3fM7JhuZFgCADhpz77qVuAwLmsI2U6CdzKPD_kAlLHIkyBt065-Yeh5eNmDsMVjY8SCyVoLhRsPa_672Yuirbqof66d5cMBCnEWZ7LYfyY7YhiJscwEXLGXWOA=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=4BPrGPln_rTrwS_jQO27NxO47eOjwtC5cdQXHODI1stAYLVJpR60uHH9sYQOR90DQru-zITyeZVKXnJsEeuLYJFP6E2kFR64JEeBKUfrbq_jUeIV7HJDhrx0EY7W3JmX3adhmXFqbE2g2SeumDib9dZN901kXewdq9b6nOzfn8R5DG2V6QJ1VivkcStyoLxgGHIF0JdT2R62Cjpd_ZfkmMrGEW0tV6PVUk9bPr-9sNMIsSJCiRXElJH0hHf3ZWleHLXE6-Ms-2YUF9XlSH5tjYHeIQoyUrGsYPqDZHoZ4JqbvGnwhoMUnSU8uSEL4U9YMYQqhCW5qXlrTnkrChT7ZFlbaQodq7Ux318DpvWv1EfcjW70d3GKkwX60k2seKFTJhBFM2JiX2omgyJ4tZFT75HGL6jvIBSJ8ZmjWftN_26PPYjBGUxPfbzlVxxcDZSV8qMbghHHXgmzhkJnvXXXpPPRo3zp4sHiusxzn0fKmuKPP_O6JPWmnZfUfV5pCVKaT4jDn_c1C-uk8yCN92uIWkSDi9degSZ-nmWpaHF37evHzN_3mBGA2aVzKx_O33aERtllybsa483wMUjBt-M_cA-lkeT890GsEr9viixw_aYvcgohUcaq3ABQ0jhHpJPJ2VFft2pGAYKBoohBU-rv-tkPreWbjJC7CFctPmo1ZuFxSZzBxqAC41A=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=0ea71d11a5b29c66c46178c7f8c8ffbe1637066159&psp=xhrhPNasnl6UQcW46sXSX9o1BuCcjOUK-6UXFOg1nWgueK45AgUpWub737sGT0XyQxTTRdsUUwlTh1-w5L27_kE1X54AACClJvDs86JRknOXbe69KJuCmM-ytX1YiY61eLEPr7go7QJJH_0QnULoCaqLrgwMDa8mkI4msVTOLLvsmp-yoCikXpokPiZSzacttM9CWkmBNk6ANwKoKmC1lYBclmVWQclEcqKQe0zKxtI9NJ4nMeUFdBmN1RL61cc1MkpZJ-GThCeCb-JZk2e1U6yemdTTdmPhomkUx55rtf-dhGKDYtVJ5zUszeMd1yOUfuNTgNFmPY1McL0HIr3dFOdr-kuHMRB7byqSnLZoAW1iEiOnK5GkE8Wrg2lUjrB1ep-HndTLmM_AVOrgqnrH83i4XGD8hdkW146n0QW5ekH8PaloSXaI3wIio1km_pH-Hc6cYG4VdzLE_OVTYrLO-mp-WS__bdPdrTjbpRntr4RqZblL6GPpHw_Rr9beNlaZVYT5sbruY4fSDwoyuFxlF_sypBm8hjN3rHxDZgEIspPH-mkBVAEJfPVMyt0IpM2luByKE0g75e7xYIZkGg16esprMYfmO9xEOeliZNlq-N2zTVel1NG-sTZElgO5DZKbelBQ3qzpIlCzEHJCGKBq6ZtBHCBeXbw0ZRMAkqGXfON17ZOxaf-FbWk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=xhHV1DYS-0bWeqB-ETjc6NXcBE6NpejRasTX9weEEcq9ZJ12MI9P5_WQieMcfgEScGAG3dtHPKnLX_bPysNUp85CWdReh1k392sxrj-hv9iJLV5M8asKjiad443tyIJVMsr9bx6K9I0VDHLT5EZubaB1iCUIBCekCGhIzmM8kLdUUaT_vUcCI1Pq_CFHVuNTDhgNjcRcBHX98T_j-BgLFgXZ-ZwnvOH_I24EK4U1BCUTmhXBfH1jScucdTcpV3YRJToHYrmum_l1d7AnXaUYTCbqhIeitoHkaqIM-OjCJQNHQbrvv34K_R8MZn-teW_4MySIXn082ma_fwBvKZ0nXQEPLhmflrh6r0738OpSPkddMphXrBYtfZWKK63HesyXJMEHKvvWiDqwcJRI2zpGpVkQ-DCZkg6h03jWyCZrzUYXRhZmShGHdgtYgHL1wyVoknS4-oNYAnPOJPDVK3jOpuXtidkXqkbsr5KaPQRO-DZwH08WWSGea2UOBT8EKiST4iuH0DgvdBmYzIzN_hseyJaecSv6Dx5nPsf8nVA8Krw1NKrjOWakd7gfjmUtgoMjzCPR-FebiT0IqaN6h0kEusfo_NWy-XYQDN3cJep4JFN87hdhZnRqWPpZjQ4v8XxqrH5QDTj2Czn4Cb6k95DOf7kpfunWLE8BjP2pfdxORiAOPFOWjCsBYHs=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=z1ZsrP059Rl38imJxPdNeVu4jvcEN5hnoCqYR8Sc_5AoystVAwnSsje2MACs45cbh4gsilZcL-Z5nWLb4YuZIkFbxjI_IMkVRtnXXqdrnR5mvyGyICx-wimJZph4V7ZQy3NRSZdYVAMikTlzHl4XwudXzCn-BLYUipTJgKHbJRbxvMAcxLX6pTjSpZawOluBnzKQJSDsyhmPmwHzgJyUEtk1efBwh-_AEKjrIfwA-3pC01hfxuHFPNuOh7rsGPqkZdfJCHvSL45IEFiF2SV_m437Y6yWCZVjElNKp6ARXFWdtjwX1EDPYgXXbiZxVgRIgM02NHJqIrsc7Yx34ZwibeDGHu7ki3nu9h_KCQHIbXj1ekvASN8wO-5b_k9O5ZVDgVkJGqyZYDDB7DMkKV-dJjumF5VVvv_HLEc5DjOxZz-fHHSVb3qONMABIryLSkhYBj4DYkbB6T_MB-NuKX7n7XvNJLA9QKqnPx3AEVWoTy_z2JgpAGRjOBq_DEsQARE7q3B4H0LVV2eC7b8aL8460jCEWCsLmPZuP0kI7BkEl2aa3mTWs3FHErG4hccvyTa-rpIm9o_jwshYWiZt8d4iaMofp6RW1uHV_5HYKcySbHvNEWE5R2Vpctz1NH8p6HZJkuD0kGFsXMUenRXHcztZhrsk6gcvBWJ1t40pgYT9AsCLzYnLlEt4UVw=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=ac6732fbd25e33a81c1f01a56bb13dea1637066160&psp=V8700Pzb4NdIuRGyOXvtXokRALr2ojja8Swx4b3kJepPPFxMWG_Ila_PxZgs_1tBJmsjGqYBX88mDdUJrtkDNMgHQWSit9wbVuFYr-z0Y7FkG2cHk_BvAHj8nLLvJkpDj9hmzR9uEw9rUJiondIGnml_eCB3X2TXffYLIxgm3IRD8DoU0i-sPa_b-m9imG8YbJ5KzpOv6y1TmxwpiZ4a-NxLTWF8k57qOQ0N8h7PRzvLK5hg_K3jvBVvfQKwobsVLUlwftAJff8gbb4QFyWLwfH5YX_HC1vVlEytIV_P5mon4ljJYlcemMJd4voCXrCisO5uKOWWzPOHHlzT-a-8sufqM5AlHvwWp7qnKGX5HWw9smVDG26cB_J8CLMbRPMwCKN0PzLpASGPOcr0msbuf51jEyZKO3qQwuwBTl_ObVzR8Ajj6BMBEltGeQ2Mbog1KOkhiQs7doqltscxew4vDJemVcc9JpFdQZd6lgL4kEPXjnkh7a2ZY-raaPqMFgqDJCM5a58ljZ8er0-puZPvFyceU2moSXB2s-6FsTHVKOUlu55MKG77gLG6oV2Z9BhGK-ZUSABoXZqD3Agwi8k7OFt6792E06RQaNry5xQiDUZjRkaG-WLRDU8zelP5FVXOwsUj0x6SMhGQmvPhGjz1_eAhesSDQtq2dIKiNaXqnnG7lZE6ap208BM=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=UIWALQaaMYfaQXG0OHnIxh2nrrmuT09RJhF0RRlpxSWMNZS_3loDZA3b0XfdmdGctw3mxU_lbFr-Pz68G8zX1d2JZGEcNlgWCAWFCXknHz0wOVQQaA4llB4XiH6kdH8tnnrOfZo7O7kQBM68Eri8PopzWL2Bk10OVZJNBHErbhWwXxp4Bd9x3MgZKffDrhjPB7LasXwI4eNw2MjUiuPGqVeCc820_QGN1Lh0UePmgRbibpNd7FqW3rT0VlA-B3HRvhX2bYbxcub11d7wQvIklf6xLScBEgvsg5NZmll5fuGki9er_JL_e8GICbP4ptrKInnLaCs7FfHlPpjaWloGim2j9vkKsvsoq9rMJhJM-lezI9GTqyqjtRyYlLrhZcW6pHw66Koib_2dfWyge4N7J6HvWMOF6qOwNpPlhgEL9aXCuPr2oVHVRp9xpeWF7pKUttx1JIQfRDIfQvK34GGVLNdTu9MopiTi2sC2quyIaFLa2KvbckSStQjNtb51kU1yBTRMnMJyqcSSgMXR84Gdueg9ciWlCrFe5bQVsg_LEUpwKyHFfaEManKg0bPS0419bP6v9oHn42kc3QacbTwWYTyKDMjRx8fSqH6aQrMEqCd9EeckTA4qCmOqvfDNTcE46YdbU7L66RB9JRRxjq9zfdXUOVups_E0VsTrcfC8_MfNeFAAnuEA4-Q=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=6suHxVQhH1x_drvmBiGR9HWMukOj3e9TRspSfPwUbp313qrwXtKkgC0w3lW3kEC8M8Zck2VHDteoEj1dJVT7puKKeGFaTP9O4MBblf8b-01UZgMccKibD44v02pT3iSjdV6e-Xi_h-ezFnQKbMVK-7rfpeenpAQTXW4A3lZukMGWlVA_DfzK5kUGDrFxgkYJA-5qYcgtQnH6d2REFlQzNZG6XW20K_pZ8EIHMdIJiKzguyLMnbgCX20rjIAragGn5Xzq34Y-1CyFaFCbu7ZRUvPnEPpeL9SQyuYJ5OZx-iKag4GRYaNssuh-rfAtifVx42fxTIU0FnkbLgmt251gcjWu7WJoJNv44Pwp3OwsLfiw9KkJ_jo-iDaqgZaR_9c-_c2mNNVQL9sIXgOrHoA7rJvkjNtgxsysHXWnCQzX0Gtes9Jelwj_CGpCaPBitt10sHYXnAdcFXmEhcZwomgFjRxJZhhbaa1PgvxcUL1B8CNCVUKooTOYkY8zSf7jqMPcMj6Dm0fKi3-7acER9ZLuWTwvOxG-gbbpK7QcxN0xL30Rr62UZmFcnSH3hHB76y_GEjyrmmF7lrPxwmgIDmJ04Hb0WRusKByq3sQ060X-AgMLHr2JbJNfr5A7_PTPPdBDPqcfyCD2qGMVDQmLHmaYbJtjc5DhcvANYZL00kK0xO3L49XpAUuPwKk=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=Q-oj8Jz-tQg4XrvynQ10IyVImupDpq8p8wkEcpOEoyuJBq8MHXYaXQk_Y9LB3jDHKQ-ni7A6C4ZR9oQVwBe-JmDNgPsNgxuRbYjw4_eV0P6Dw8X7FYWYEn5MoVC6mb61CAToGICjMgbAZVK2jffp6i2IbyMQeDqwuXOkdMWED7rXfd3MStOAukfjc1SbH4Hcp22sqrYo9lw8wzdtpKb-0T4vmbWe3l-ume2VVX9aXT2TqOfH2-56IURRDeA5UZTJgH1aNLrx93R_PE6GbIHqMPONfzoaxL5-HTfO5F8FnKIUCe2eOLzySUflDMR1Y7ZCmbmGV1Isc1m19Oqx9RGdbZ9-IuvR2X5KSCm8RLTjYPcU3cLlhWvOxtiNA7YYgbkfle83Avad6XxCQmM-kM-GQ7BnV6MpAmUNaULOiJMszp58mPoRe32x1qzLfq_SBWf5EGJ0kzAt8jC2IyoYSQBXz-G8BFjzRhVATprM3VmtFkrnTyVv60Djc-He70LtaCEJHoMXvW6sJ0VkfT3ipvCOe_FlDST00hTiyg2NJxx_tGdJOmX4k5PGvujUcSYrajwpDltkFvxQIzNjnuE3IMT82eoqiAMqXlSDXSOzMcDH_YGfUb3-lT6LCCy8RBjzhUnc1MSdPYnH34vgCGqsRT7u3IygeN6aJhNIPHmcauqk8NtO0YupvlyhFr0=
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=a5a9024273b62669fb178bc4ea1b3c4b1637066161&psp=mATsZO621QpazSEN8RfL3oiY-xarSTlqBIDfiLPz_fpFOv3v3ndKUhNNkuhnYReIY96CzcWhyqASqmNqBGLiA105yUI_t10rNUkhVLewinIT1PCYV2TovjoXKoQqlvsdEOIB78RLyvDHGcXMV72pumW0JBA_PmA51KxYqwsi4vlkkbFK00SgUB4dNm3LVId6Dqrd5MsU3ur3RogiXYiQYpCTl2YODnfnOFoLjwXCA6B7bjsFkRVjxttQzHZC-XBknNljs-1B35UMjde4emHH6gG6vNVQIf8DA19urAv6l09lkI8Q0BXPG425qX4YNz1CJ4tgcGBrB3lOxwc9LIOKUpqtAFHKeV7S067EZudxokWU8FYZqBK9gC9iwEA0Y_6RtSmOXgrWPVOrdQ-tFvevuLaVjbmK_Yw3hNdxMQPm1d6o26AHWSlgQ9RaDUS4k8PP604twng5ePr6sSctorCRU7Y_jRHLPURJBu3dNIbnK03bJcI-7aOTuSmW_s1WeWj18fxXhGnQ7wzeE_M3lauox9ukzlhCsuwD76Xnti0ZQ5XLBI-6Dv-x8MkTxynKOT4eqk61B3x11Ln4jF3iR4m9DGd_VWqEBDV1qoTnJ-eaEmkLWxJRBHxStfinIAEM_ESRy7tIaQcIjB2dDs-rx7_0i1Nh43OVxX-LwxjProszozURFNxq_Vx46uI=
Domain
kneeansweras.com
URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

4 Cookies

Domain/Path Name / Value
kneeansweras.com/ Name: UID
Value: 2111160535a259f2e01aa34832bc92a06ce6
kneeansweras.com/ Name: OXCCLK
Value: ABPemAAAAAAAAAB2
kneeansweras.com/ Name: OXPCLK
Value: AAHg4AAAAAAAAAB2
kneeansweras.com/ Name: ppucnt
Value: 118

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123.selornews.com
517s61.reminews.com
c44wergiu87heghoconutdx.com
kneeansweras.com
123.selornews.com
c44wergiu87heghoconutdx.com
kneeansweras.com
109.206.162.83
213.174.135.1
004b805f560065fa6b2581d2d8cd1eceabb7c5210d7df91a8914bef42b86d891
00a524a2df43046fb1d0a071ac56dea1289943d8fb41dd3f5b78a29a537d071f
00df4cbb39e670a43856a8c887000bb7b3c3f6894fa4a91c8b79036cc8d0bcea
01a11bd26e721f16af05ceed28458fad8df9f5ced8af38c93801547ee05f0e9c
0309d56b4bf8772a7355d29e3493c75f2b6019ca88b7e3b033476a5d92c843cd
046694c07b678960870f7d025833e5edaf50e569ec944170a830509453797919
04a62dcf303607ec5991f7b849379521882d7c0bea6ddda2db29ffd90dfb726d
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
052c98e7c41fc05c931f9830366ea5c099c6ce8ca80981e75f3827a051274458
05665dc701b707050eb46b5bb997749ad5d6f2085b8b82961bbfdd2273ca04df
0652dacb78344f7301aa8fd1096d90933ef469c112f03bb8b49b4d52f64567e1
07f747ba654042568463284f57b19be4e0463c20a5319b204c9a1854d419feb4
08b2fb7129438105e3ec8124868d6d0aab29358ddb396af7967c16b97a7df3ea
097d92e769a5e86882d4ff243f94151565a700f60d241c3fe6a15c38579d414e
0c354acd4b959676dc4d1fb35aa725c9a6b8877bbdb1c734b8a10a1ecbabded5
0d1afbc3bf6f8f8da91c5cf9d1d5fa6b0055a5eda220b2134360712268315cdf
0e05f4004430d9af81955e533385ec4d1386232194f0a75d1733ddbaecc4e95e
0e6ee9a13e1967f15f1f330e0c4c238d8f61efea150a1c8aa10e022d8e1e51ef
0f0cd502000a7a22fe7acf0668569bf56ec138e2945d38a19877e2f348419812
100b64006eca9e2f49c52b0edc7a699f9c96f8b12186ce072cad9cd0e8e8f0d3
101f4e79181f10c3a5ff6c74dbb5b5b10efe0fb3b55ef30e3dacb12cb1ca22e7
1086ddf9093226162cf11906ed93baa55104c48c98fc8172618f6dbde92a62f0
12b7a78411ae18f85870a14cbea971f0b2b05383066d614cbae37c8fc4e95648
14244978b112e728679d3668f413086b8dd4cc0616b89d688cfe89dc362b5686
14e69018f3c171e554322608e5dca043c4488dd29b00a1c10df48352843794fb
15bd98e36df84bd3b589e92607bb6a213a2bb97a69e7e7ea956b3f577df7be57
1656eca2f6b0f2dc50bdbc61a874579017d48d2babfcb1bff4936e4bc89fd67a
16c5f37531e2491c89cc8d2b4f11760d7436d35fdae4b65fbedf1d207f052b91
16d1ee69e9800d39f5f7704986f10bcffbfbea9104c067e28e466ef95c1381a3
17c7aacd22c05360ccca5b417d431dad4c22d9374ab50fa59fd62f966156362a
182a7888e74427e4f7e4cde73c0f5310d614769762ab81d8a97f25a92fc90e54
191fead7228e8f182b7e6add0d5034e7646a8b2dc96de3f6c94bb3589d56e3ce
1b486788d62b0d817d5d2ad744020b18492c3a3a1efb9cc06493eef84aa10635
1c2136c8b165ea3a1467f1ec5e3b752656e163e2db367c6a497e7fcbf0aab687
1d93147b7f660d1ccae4da39142c88071e45bfddaffa8a7aafffb87c772ff843
2027fd64836483756fb6ea2e9acc4652f86f0e54d75433cd269c617a7e5a8bc5
21737757cbca9a7da0c19512ba0cd97eb310771628c438ad82c6c86d2b6ab613
22de4c2ddb3368991181cae235f894340499f6986d41b4ee54c81bffb8bc13e7
23c54196df34a4b0e1d12e9103be8ec60b40b9bcd534d314afae988bf4dba0e9
240079bf14f168d068e49baf97739cafed8959850b7787af03796be8a1f06c2e
24030b684191516229d782d60ff7b170026f8d6c73045386ecd9cea6d3d7dc4c
2584ef78da9d2d6e269fa019d66f0e7efb3bca4390e263b0930421626c9e8d2d
25a32cd78fd679c14fd7d6e86fae41c2a37d565875f141c5eaf0b305772e97de
25afac36119a13a80454a42c0f9798e080ba844d48bf97381b5c98274139def3
26a7cbd2e5632bfa56cf01c5f91c548288b8ce48dc6356790b587f30f460ea06
2778cae8a9c84f17d4266f6a4a41ba08ec4921c4570c98eb862a90d67cc66bc2
2994cf02bba9081e6832a97b0bd1c02db638b87829dc2e31e684e081c1e66c57
2acab3ae7d16ea1f4371a7afebfafbdc813cc866536afefd5e9768eb35939531
2ad00cc21e908286c37f9c93f6e2ca5997ffe521763ac4fa0b314b4b5773b543
2b5e8f37666744673f4da7de8e18d32667859a91677554cd5379b5a149aa889f
2bb58a0907a7c5628492f10bf784d4ee07cddc860f3aab17ea39f20df15ab90c
2c985d2bb75130d5f6a4c9c4926f80f990f1eee7201989106dfac68f1b1dfbdd
2d48a7b4e77fc54e1949ba22fff6ac49701c1bf5667ea6dc03ed8317997f432e
2ed6e8fb1b20379ef00e7b519f096c3d29e8baea4284e911dfd01b0910bbe61a
30901c979ab4d790031d42207b0ced9dd41ee23294f3d46050b12ea1d9555a06
31071da207fe9b679c48a7b112450a31aa97e1ffc22a0599c79fb87f247ef322
33006c809531435ea8fa11a16f06b0edc27095184c4022623e2f5db65b37dcf8
352fde961e8b9fba10370d0de73b17a98e35e28db3089e7665bf9de5d77c1f02
365858eced0edb2e45d7346997d4c146d32d024bf42778879cee370c2cb9500c
3704ccda524c2d9cffdb4108f34b55f0b047116275734f0aaf4bfa1edbe1696d
379b1924689d711072553e998d9cc9267ac9a7b1a68844eb19174ba9ebb3c83f
38c80b59b617f588e3638d09bc9f38d176b6f115b4543479550da0a5faea0a5a
392f0fc5ce63e60f2db3d0da8d019c5e6ca2015f9600a9dfa9179e6d84701a69
3a4c4928cdaad89bc9603404f1762d99081a9801e5219e481c8fb2b9cc82b7f4
3b00bf51b2695d13e18569d823bd2df9cc1290291c71e0270980e35070fd3cde
3b0809906e6580be7a4341ef55d2df3dd86b167ff8e64d82dc85241234da640c
3b1611398c5df1ec649dd83113d10d7ad921e1a8d9a19b3e249f2080dac3d678
3b288faaaf54dbb784dfcae4affb665d004cb0da398bdd05a7a4603458e7d73b
3f292a6e0229940879790ddc98633ebc11f5d7e80d489aecfe5a1566ccc8399a
407c232d108125c01809bab6013458f5d863428ee55ccfb86d081bb16105a093
408a08c6111e6afecef451312696c8089fad38d7d46c3c5a291281e6cda985d0
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce
434c73cfead730933d6c0d9ef7ddf9473831eb3bfe2b732b0595b2e37538168e
43e980c8183c5441253a802ff665a7605aa8f36872e5ec4e0f0c7529398543fd
444516359b1a965c35e98aa98f39ddc53d6cce7dfb7dc8fe0db24335eaa83f29
4658a265cc9444c69d50b7d3da38365d2be6ff0e5679d4ad3ea079d984f8fb56
4699c2811d511a7bb71e7e2f00ec00db06c8fefbe3b319c4bdf9a7f8077b1180
46a4c495d1aca214110f97b23e1a217402a78546b4827a66fd1279490e1f8a31
46e47974b3a2b8fa8d49c749a8f735f2ae09eaebc60f89809597c295ea37f240
47c74cf8a19c78b1d288cea94404bde59072e62d53f9d1e4932e44fb43480985
47f50bb43506b9950439c592da3a81092cfc90ea4cbb8d555b8e8285da6247dc
493bcddb7d697d183378d3e373aab5b5bcd3d3edcf264ff12d2c5eca19eacf34
4acede80d78fe094f087f089a21e5944fec176d79fae9b2a009bed150df69b26
4bc977bd6203bcfeb3f86d3c3c97deeddb4f68de9ef5f53a3f31ae1f101ed7b4
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9
4eb185dea5a1d504931c21d3c7cb53ebe58b44cff2d79aae03bc5a584605a5bc
5028102d41054ac5696244c999da749f412c046fbbed4858fe977482eb992f35
5080c26a13d5c03573a1bb4b2db7dbe2c4303be9a014c7bf98faa8782a1d300b
51f99b831c0b554666d1a53fb323b0a40a8356c4e348a99ec8b2fdf3d0967231
5348b773ee921e50dccb5f426875330cf926f4fde5340af4f05563c6bbf3fddc
53ee52c5f7059ff9fcbabc09551a451f6655b2d1914af12ce2f631a8f7d99df2
543c1ab975494e2ada2b15256a0fab3616363bbe76680ce2a64eaf35425eab95
544a32bd856929b7d9a0e2dca27441849e5b7abe9c6519752ede8c4d5958c2a1
5551a6d519679faf4bc60318154cada04b009cbba2f59971366aad2824034a42
56aac09ca0890965d4166a20b1648abb5448c218f400dfb18d51195f7c79429a
56ce747945d8e6c002ae01b626e890adf19e16c76f75caee93e3da9441627021
627b6d9e20cd3374bcb8de6725e7815340a8ad6d8a1359a703b03408f533c158
644fcc8f041f7765022b014adba25baa4c8c55d29e67663540061165920078ed
65074c92e325e8efcbbbb3fd0f2129e12b4e1f60745d0baf4f38f131f6a453cb
656aa94e9ad86afc4c6c741fe27e99fbf280443911f7d6fc20909a507497b4b8
679c644a90f6636b6d5ce937d9b905bc2fcdb0126d1f5e4b8f7a1f34a951cb3f
67e960a19b70a914447a26bbba595febc749ad267744cfe87a4c0d405e40ac54
686977e779904db10b788116c5ba88abd5fc03993e50aba5f3825ca8cea0cebd
68833882814c65ae44f332867121fec24f4ccce4538cea6e5fa4151ccd8faf7c
6aedb223eef628facf52a4cb071e95197c774a564c4e80536b38badce4bbe8b8
6b6de88b38ee48358f51fbfd42d961c3d8da609df617edfe436d41939ece18d7
6befec23b32b052f7be4f6fd6394cb565924bf7595c972d65c0ac15fa2681822
6d28595fe796ee7f28ef1b3fba6dfc1282a0c5b1f90b6e5ea38295b224fa2c67
6d5a246aafff81471eff85c538180f295e738e0d7939ec55e60e644a60c03f13
6d7f42602efc17bc998af2c762f463624c217a3d75890e4d530f0d17b328925f
6f05f82acd5bca532f0725e83b5cb09728d06e74600cb444395d3882f4db5bdc
704bbe1bbd1790f52444e10d1b5f948efbb02906ca4fa86b7463c516031e4902
70e1cb9f3eb81131104f05be522f236b2009d6e78d6b221f7b9c85499c8079cd
70e92b5febad3e23c2a8b65ce47e2f5243a179accb3a1040e4f891907d34271b
721712868277e89178a6b3f2399d38fc01e7f246f8162153d7e3be9d0cb9bf55
72f42f6d8083ceee6e65aa5d80d0645298f875d0f0c281ce82f5d44756dfae8c
74015655847d1004ba26afa39d6b72adf76e793c9a726c67e3a0530f4230e31c
778fb0788ad38975eae90c2b7290198b857ac9cfacc211d3fcf46387b9b25bc1
78627ae0c1ae4a42a6d5f167caade09e551c567a7185fc31b76ef21106dee8a1
78b99f75212aee90dc9c3ef7250065708c2595ab5a46c068c81fcd40c8a1e226
7b2955de0c545566d5af9c7c6432a999a94f63c571db1d65346e84028910d37c
7e8b08990c3f733ee17fdaeb9b6e43608642e7977b70979386ae846d8fd513e1
7f2cc01262e2fee82adf8fb99fb5cf3eda8a66c228a9d57c90c5197dfbe9fd34
7f4a5f6742cca99bceac0ad010da7a1a135e5c38f42797fdf2cdd81c8bc676eb
808ee735f586f047287df8e6c61cf5f492ce66de281bb81d16ae6218945bafa3
816e1ab8686149749cee9e71f5ef08aec3a8ea220497fdb8657c2f3322b5c031
8225ff3ba4dae396e6c6848efacb243d12345f0e961799e36815a288c5ba698c
8284e1cc14319682439c34e90c567532881e1dbf50964d704545f5cfb9ff70c1
851bfa395b31d287eabbeccbf7a7b5d6fc0f7db1fa0917d62ade7499f48f3bbf
85f35507ff4e892124ba81bdbaca755247726cbb80b36ae310168683fc986345
86d36b5bf3c7e741640503e8e55cb9c02e51f03b18d79b325252e08e02151ed2
8712e0afda288a7b775b8e68d7a33a051398bfdf527512c71e6795b9f2f92b8b
889050a8b61c9e932e6267333a7e6f203316b02487e96d8f293bb14b042135e2
89883b10008715cb80a300c1b8cbdb25f69510957265a4c47594568428a8d55b
8ad238f1fb2ee557f2b367e9d6e13c65513b5c63caf3b0b7cb6760097c4063ba
8bd5711c58c37bf7592421226c9e2ca8f3cddea7dd11f0d96c4991fda936595b
8d4cd764a40094a85053778a5086aae8d3a4b90ee18866327e87dc3ea15e91e3
8e0f660bc138583ca793a57a16fef132aff2e4ce84c27d2e9688e2a9e7ea40d6
8ea2418afe97ed9c9de6989252fe6d89adb948565b76b29fb285a735e10f92fb
8f897a8b846568733f667626fc95ef971d2dbcc717dfd2f22d95d9cdbf6002d2
92c40c264a590de09d274426dba7e963b0fff8ea9ffec828cf14d3f02dfb200c
940b0ab440448510a8826e8dc82e1b362b8c4a4122d24c6936d9a52a6a00eee4
96381f18550fb562dec4d9097999c0e34b6b7abe308c628e9e9b2968c35a0aa1
96b9539ecdaf04967d765693d5092eb3c54f0a286d643c9c4715739cad76620b
977c45c865a10e9a318cd871a6ad607999dda91389a89b78bbc58bd82ddd23d4
986c8cccadb85d1ad9eeee9229fb4eecf2c708abca286af423e001cf3e39b491
98ad8f89ebaa3198e4d7f7766579fe992ed9a28476ca9ace74cd175831aaa2de
9942856fd9d480692b98e3cadd56d973fe796093b5c6ba6f6f8a78aaecd42856
9b2a643f7037a63a4b0fa8673e44166d30265bda52fd5dce6c3d1bb5c35c6657
9bcc3bd772c0bb74f12db78234667813f8c585ca3d0d744f49fcee60bcb80d34
a22f562a7937656e08013e3b104077e4369222ec0995fcf2847694de3f247ebe
a24a49c9d7c9582841ca9068ebc5b54ed398cfd3d928d12846127a210243abfa
a534670c6d2d53d7493b21ba78d517d7c1e7999df63d65f41dbdf0c7d5696bee
a8ae573aad44901b4e285db754ee5c815cd712b475249c4675a98f23ff02e262
a92ac95c4a4f0209fffef2a1baf061a6d91f76f38b900065afbb9b413a26daf3
a9cdc8e917d1719a9c697bc08f8738669bb9cc5e92ca627ff66502722c3f5af8
aafce91d0c96b61acc8e23b4ec17aad531731f108a15494708fafdb7c8a00e80
afa90472e95750689fafa404e0aca14fb3fd26d83c778045a1d1f7460ae7cd2b
afcb724ae56c981ae555e394a97aff2e2f76c519a3b1d9d74f967b42cf83a3d1
b01194eaf9d9d62fab1790dc596e2c605ffefc6ac39fb39a977b9641ea03d5cd
b102dbdbf4dc4352dc343666817caca938b7b5a764c907e6db46d1e0e51a34c1
b14ac19e8d87f503f8dea1c1af2a30787371e77257133deeff2f4a19d297077f
b3afba993385401cc302a185cbdce2e6e5705fb7b6e2c6f5a8b48c91a3f3ee21
b3c39809d3bc3213d946307442df8e04e135873ca063ccddce5e6ad0f8449a22
b3ee7d5f7aea39a8d497bdbc9d9470d21eb04ab570fc753a8f08a5f60e634220
b52fac955c5e901d2665d7d0a976659cebebf862005caf4f4926cd93affb2fbc
b5acdf0d5d93bb49ae9ef3b5d20c30fb39b40d90f174e66e9573472e546197ce
b63e830dfe35e4e54bbddf4490e0b050498c11312212f8ddedebc8f7b43aebed
b714c6f0d7d770cdd10751b7778c29be7f1b8e750cc02a4d77313858eafed265
b98ace350a3ec1618e8fe8268b96e6e84390beec0cc62a2315bd4c986f250929
bbc3d17cb04366c628a166300c9d32d63f44cc1b8d5eef836d2678c99237f3f8
be32906d8b736ef01d0325582c9e19e6a8f1c41b406568401ce4f27f8878057c
bfc5fec3375e753875784878f861e2d8412ef50f1d406163f8a8fb872d6d4e76
c14dcc87ce4bcc1acbf7e4a346fec04a4b3b7a4e9b7105a06fe37a8c2bfed421
c200c1a90201979c79c3218208488ae2eb1127c9b2e948bdefe35a95090d5ae2
c263bdd5eafdf7654b2cbd4f36efa632fbd286f43b7e372050ecb12459c75475
c343a55c2e2ae02f8693ee59e23a4b6369c0d56c10917210d757205f9b76a407
c368ddc33b8b9103ea0297559ce9c314f6b6b1b772c06b705c9dd17bdea97c6e
c3bc881b51bd787de07905b3200babacf0fe795ad640a836fe659246f5f956c5
c439483362e0312db280e5ca3e09b2df1e28b56910a5a05ee81139575c204166
c443723ff78a95abe8af4eba048150eb69a5f6ec43ba254fce037b8df2369fb0
c877251b2f52c851f92521f88fa0a85f1c6884ff63fc8829f85d3990d203a0ab
ca1879c74fe51604ee738285e176dda852d117a71b60b6a6f7d95689f1bfed47
cbbe99449fa8c7c5fb0811c0992bafdce1fdbfa0e044f8e46268940031338554
cc8b865f1003f7c4d54559c2ccb498cafb4b9785a7664ea9644254a35b548f41
d0041e8f376e0b8c7aaa2e8b0cb131aaed28c9ce5b1e295e0cd3e0d32fbf76da
d10d0470e0119e6bfc3d6f28c24494453f4f540fecf9beedf972983cd3415c60
d205dfa972bdf8064ee1ebe819d887fb6f63994a1a2fd7d5ef4ba42488274e9d
d29574f293606d8ab13b68260c73667d60731c2931bebb197f3909e05c79ffbe
d3d2297bc9eefd47d33be2db20e8ad326ada7320aaffed81041b8494283ecd50
d506a4044410e09a088b6655a8041459a647d03ba098a562f476ad6986ff63ec
d5996ee7490bd40087bdb69dca39c26e4faca71a6295c6092cdbea34de53d262
d68364699b1914caa45865d0bce4f04e80da48b5bc0ff8b13fde039d4d8b5f35
db4ab008b57ab0ee9f99ee2dea7ef9e79517f661cd5d138ebdf8bfce7add80c3
dc6d1e3672a27e6cb59033f52c3df3f7b868a8b33289459c71980c14fcfa2eb8
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96
dcfabeb081390b04771b7c2f53a330f0b032e02f0eda1647971e553846690d97
dd01114994e98a9311ac7b936dc854bcdb8f3094460213968519cbb0011bf1c2
e05223097bfdc428372345d34a9c1981690739519a7c18bf38c843480fb177ff
e0b9e1c344a9f070d79d9e96e61eff4bc7e7806574f553c5bca56a0b415e23ba
e37fe9619e463c3cd7c1f6304f29d4a861a8f9b569fc4be8adf4e16f5a2e0b7f
e50b6f4228c76bd877afc2383c4b39ba44b5df751eda3494beeaade57e08da26
e6b374bb60c67a6a67b2a9f2be77fdd22c4f93e181744b59dbfd9daf9d2934d9
e7b2e1314abc498e3d640dbdc9d6e628ceb1856ca7f7d09c2842a7ebf9481e93
e7ba9114a9c9643d206efc14c6b23ee1ff2f25db22751826306a7dc154146b23
e7ca845e4052b9db70bc69db93460a8710f2a72886457f5b78b3d7417f578179
e970b688e8c3f8d94d912b6cef8bc62d13458f13c41080a7bca91ba7770aa81a
e99de22623604f65f201a448414b1a05e14181d75d4ee0df0468d9f803984766
e9a619197ffe315164ae43d78679644d349fad9c5de68f0c3b2e590dcee2df57
ea787f8d8e818aebfa67febd91eda995bd483b98e36420e4c4335031ffc0aa4c
eadf275bd88ce1689c48912016bf49a0d274bf77e9536b3f285e8157a1e39340
eb32432eb3873c9b1ff5ef19f9bbe0071472546a9d5189ebc19d685186cfd0f6
eb887494cab7227431710942fafe80273d5eafa5dc6e3cc6a0ffd92f78d2e15f
ebe6376d1d9e2aac922b5c9cb5459445a6721d15b2ceadee73e1a365d3582d55
ee09e655d07da9fa091f06343f3b1bf13b0c0809c9aa2fafe9fac4c9e62db5ac
ef51c4163439c147bc54776b5b273a5767ddbe730ed3bf1ad1b2506172b041db
f056cff08c8dfdb2ca14e79bf5d7b7b45f9287064104c11ad51bbbb073129bb3
f076344e9cd330205f4aa8d5fee49e7c228585a6f24ddc676149657948ce5a99
f1332dcf9e4fe0c57a620e93e0d1328dd3e21b67a936b570b4b7982af4879221
f2498ab0359a1d3a817ccf8c38f1484e3369bdb12941c6c41db89fbf6d3e9603
f35c6bd67a5673e6066439859e6e2bf29f5c70f4881a6a714026cfd2defc7b54
f3bee9f065e41dd649d63804d621d69e27ea8f6f432a0770c02fe6ec9ab71e38
f47f05078dc4fccac927aca1229601c973d30f1c6d96e0bfc082a37b2d5bb424
f48d6a611498acf0cfafb962ea21dc0e3ed7b9e6fb5ee962d86e40ea47d330cd
f6cd4b877c881df220022d1cfc52b76fa0d102be1fb044c704663410324629f3
f869d32691bedc58f0149c5c2f85fe4419e14d43be3e69269cb75750c07d255f
f8b209c1f557526e6cf6236cff71a9216880add826b6624d3b30c13b9e262e46
f9c5c029d4df4ff768da0b94c3f397ce13cd8dc69bf6bc3d1d28c65261c5b076
fb42808c4f59a943d2a9ff3a530852e713e164cb463cc66ad1524a1e7c56b3a2
fb4b57e75261144c862d3baaec33b977299d3d2ac33eb9879cc7a11142ebbb77
fc8272c2aa6f5da304805b3886ec0e276dbb46f9c99abf3b8fd1d8838f909161
fce2e884d19f331dcdc974494294c96cef2759f68b2723b179ce8fe3a47fe9c3
fd8b1cecdff7f1d22d5eec2859f0b7cb5db6938b8a6e33c9f56b63344cdf9bd0
fe17716c51dc6e59f58761309affa06b5c50c9bb518289e2be658f5673d74066
fe1e3f3a05470421a78b26615ae02a6f726af210dfafcca0d8850cb62dfccf5b
fe2848a1a5e511fab6db04f5055974f7abf1c46e2e9bb27cb149b1899809f474
ff197f36f510387275fac31455e8351a9e841ae80545acfbcc24ee56d49d5ad9