Submitted URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1861460
Effective URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Submission: On September 12 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 1575 HTTP transactions. The main IP is 109.206.162.83, located in the Netherlands, and belongs to SERVEREL-AS, NL. The main domain is acofrnsr44es3954b.com.
TLS certificate: Issued by R3 on August 16th 2021. Valid for: 3 months.
This is the only time acofrnsr44es3954b.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
395       109.206.162.83   50245 (SERVEREL-AS)
1166      213.174.135.1    39572 (ADVANCEDH...)
1575      total, 3 IPs

Requests  Apex Domain             Subdomains              Transfer
1035      selornews.com           123.selornews.com       6 MB
395       acofrnsr44es3954b.com   acofrnsr44es3954b.com   2 MB
131       reminews.com            517s61.reminews.com     926 KB
1575      total, 3 domains

Requests  Domain                  Requested by
1035      123.selornews.com       517s61.reminews.com
395       acofrnsr44es3954b.com   acofrnsr44es3954b.com
131       517s61.reminews.com     acofrnsr44es3954b.com
1575      total, 3 domains

This site contains no links.

Subject                 Issuer                                           Validity                  Valid
acofrnsr44es3954b.com   R3                                               2021-08-16 - 2021-11-14   3 months
*.reminews.com          Sectigo RSA Domain Validation Secure Server CA   2020-10-20 - 2021-10-20   a year
*.selornews.com         Sectigo RSA Domain Validation Secure Server CA   2021-02-18 - 2022-02-18   a year

This page contains 1 frame:

Frame: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=cf192c88795894ce2e8912cd15e992681631480753&psp=4ZLc7heZVvXc2LwvZGvSRENhO0NQbGqUCbb04hX9YLqLy9XqIv8QLt14Dh2NdwAsZZYhIsZntNmvBNVnALdnMVLN9CrITkyYSXi2INVBKaCi5Cs3wfdNeK9_4TQieJAd8xs78I_L-oQg1mjs0-Pga9AD74fMoagSCyFgwIqUkJVk6EpeGANb-Vv12oy-id_lXSlzuB9L2RpV5J1ytWo_mzx4dX8tJUnVyWy1yOny8q2JLWvI8xioRjlSS_FrM1qZ2YglakF201Lr15cHvj5nCB42P5Z2Q6a52BAOoU9NDXeFE3_Hk7HZ_mkKzpyTRbjTv6sPVk-54MZ5C39OaC4whNZaLXvo9EL6UaknkHOyu-AqkSjnBLwvdq0cVAaSV_HD7kODOhinXSfV--FeqJbQqdo7c-5F1cyVpFxYE0YJKJKfuxe3TE8DQqlhglkX1iMWhL-GL2RxSF5EsUAMo01tbbagmTKCa00XFZs5MF_QnlscO7LtspoWAffymeXJqsIAzJKu-LZZ3tFv_0P7cSBnMC7DOCoWUePAa9WUH1FU3AXfTu1PzI7UYGNt30jjGgVckKNbPorkQzAcAqlbNjnmfzieH-u_SKD9n3c-UIYK9peprFHSTvjhoGodKPZdIoeOI1wQvoWzlC23YF4F6qdzHkLVoYbg9fcTX2Qw&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Frame ID: 423BE5E940E5C162ABB10492BF5A4930
Requests: 1575 HTTP requests in this frame

Page URL History

  288. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389e... Page URL
  289. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  290. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480... Page URL
  291. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d... Page URL
  292. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  293. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480... Page URL
  294. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451d... Page URL
  295. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  296. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480... Page URL
  297. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9... Page URL
  298. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  299. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480... Page URL
  300. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74... Page URL
  301. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  302. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480... Page URL
  303. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13... Page URL
  304. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  305. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480... Page URL
  306. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a1849... Page URL
  307. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  308. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480... Page URL
  309. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78... Page URL
  310. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  311. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480... Page URL
  312. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf... Page URL
  313. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  314. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480... Page URL
  315. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22... Page URL
  316. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  317. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480... Page URL
  318. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbe... Page URL
  319. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  320. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480... Page URL
  321. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b159721484... Page URL
  322. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  323. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480... Page URL
  324. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9... Page URL
  325. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  326. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480... Page URL
  327. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04... Page URL
  328. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  329. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480... Page URL
  330. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f... Page URL
  331. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  332. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480... Page URL
  333. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c... Page URL
  334. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  335. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480... Page URL
  336. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89e... Page URL
  337. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  338. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480... Page URL
  339. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692... Page URL
  340. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  341. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480... Page URL
  342. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f1400486... Page URL
  343. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  344. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480... Page URL
  345. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c... Page URL
  346. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  347. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480... Page URL
  348. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c1... Page URL
  349. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  350. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  351. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4bab... Page URL
  352. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  353. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  354. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856... Page URL
  355. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  356. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  357. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d89450... Page URL
  358. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  359. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  360. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb... Page URL
  361. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  362. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  363. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790... Page URL
  364. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  365. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  366. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871c... Page URL
  367. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  368. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480... Page URL
  369. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf860... Page URL
  370. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  371. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  372. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e... Page URL
  373. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  374. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  375. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed... Page URL
  376. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  377. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  378. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552... Page URL
  379. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  380. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  381. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc93224... Page URL
  382. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  383. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  384. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a0... Page URL
  385. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  386. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  387. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058... Page URL
  388. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  389. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  390. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77... Page URL
  391. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  392. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480... Page URL
  393. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5... Page URL
  394. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL

Page Statistics

1575 Requests
99 % HTTPS
0 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
8842 kB Transfer
10715 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  51. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  52. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  53. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=7yBWNFvqe5lq61gHTS-0hjo3iXKj5Mp91Q97ObRQD7gGsXrzi8nEQ0n7fK4HV9OMp87goy-I_57vl5p3tDeRrDMLwba17JbN2aDgQJ9khxxgAsuGuClv0GvHP76_9DQxjbz8yEZ_p3nwQVphchBjMUdq35UjZNkJb0Ry-K72JpxOo5oUVTLEk7cGFDNY2rCeAo3wHqvRKNijwlYSxn6pG_b2zGhDc7ANRgPH9dyRrVJ5al10OMhfe_xdinKX3YCR56m1fB6fG73Rtkosp4da-8qDnd-UOFR4vmntRFOapp6blmhx_AsMhFIDF9Xvyt0alEUvCenBlzVbBfhUIR_kp_p1_2UnURa5lzqp2w5f5_mNYL4KNB3ULq8T8D5K2u5FbX79KpO0prOwbbM0RCK93yKy9OtUloZTbpPoz1hVsJ98qBe3ETOEsG7PAALhrlX7rARRW6MZqWwC2EIsmJAEe7ukawfLo1gtXFwZqH_neLNQD-FDf6_SAgk4h_gI4ch-11bNTF4NtbS4IZyUzt-5sXhTSfxWRpMNPp522pbFHy5ymsFrlylO_mBr0y7hvUA4uQI-DZSXGT5DEMmjQ5AjI5pd35y1Zhb-P9r7w1cT7_r9hGxiDvDf9HFz_RwXNKcCOgSvGgzqTbUkLyLRvrnrfhSYrB9kV3qL2i4d&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  54. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  55. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  56. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=c8AkjWO4f52nH889hKGPiISws12-zhCWaUqJEtcj_0FiY_ihdu_ocSfukZ97aTFm65yHBvUxaDkMYBxzz3KVOtqpvhf8xrfkrQDKvD02-MmSHlcVad_OrQyNK4NCs5RwMHQP_LwjYYhVBOnXuib0y94s_JP2e7PguUvSIVBeEO1cKXOIOqsp7WdGFFQ3A6Fs-4BmBuE0rDs44ODjV75mp2kagiQRhpw9azMgYmEe7tx5ukrxBGp8MAyg5zljcgIlbEo_ADaVhuRBsQ34e8UUkHh6lxKQAZ3GLAdPhwmiiGyxGxzO3wSrMygYQrGF1fSpskr82txVwS1RyqngjLscggwJFgYgl3mqvZXFc5gOV3ckPQLGawwloA6uXCdcwQG0b2x4LyF8fzj0PJG6RgXdzcRk8VvM89G2ZaPt8lzzAUPkn66bE4YQv_taQtkIA3rTDE8l3OfzKmdcIitXRCNKTMnGTEm2o-sK3wC8iyBhw0akm99O_jXZI3ejxf85hZAKpIXrguGk4-jz8sZnWAlO16QzeA5ElzKq32qNuSVSOoeYojiP8pddcrYnqPyu0p-vAAgE3FHy47c9OlrnjaAajAhuzoN-eaEZFygyrAMuhve_fqPBh0JaIqBvB3xDmYGQDMBj7jZVG1DOY0CMiQZHEd8S2gWE7JK8kKWy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  57. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  58. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  59. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=DBRmu5nfn9dFRQfWQt5HLx0-qvF84qPuZyAKpEK6m7p9Wp7z8U7zAMBwSU-T1QARYC1FEz4GhmBwuIExZiUSI0qXAcBxSZVdWgGHD2SsaJa-J-TDvSpU-Ei2gPvX5dSZjeK_uz2ahNXWwtzYtA6vSA4fOIaQxvPVph2s4xpif-wontU3ehCelroTHoct2KDB18PIQh-Y6GzL3CQQ6koxoRc-BsZ7WgQRVpHlUGxlcp---e0DG9p3Fn-3NA2320_hfp_4rhBIUfZVtSTfly2QVRB43qLxTyDuzwgC_RoRzos8b-b3Ty9nwKjpLkgVNKBzlORfTFHIMO_m2A-G4yvKYo4O2c6BznHMp_P1bmBktlS_zjs8L5OamQ9Owe-bMcKjAHLjZeL28DAVT9M8NoxtjN5EJW_wZGqex9tluMfjjchb5uiU3SmJdZOiNI233ov6BG4n5IoSYTELF7pZWZ6HcG8bc9vCGhrg8B4j5tBSBhhd-52wY5zyetiYrDI3qHGBAhqMgb0aobvYUgqHsXBdq3K-nM6BAkDSzdzZfhbbulGFYvf5p7apyUKndCjPnOis60IdzNgjkPVyLyEJEk-PY7VvD_QYqyeE2Hdt_RGHEsgQb0KH3qpLn7CsULhLaykr8giKtL3i8Asx8yuNMvGsHdZqbX-lWouq4H_q&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  60. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  61. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  62. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=mBUVD6jvHko2w1-i_kjlsh9fPgjj0HIia3umtrXVo8O99cHfDDSD1i47oIreqCFF05N93TIC6HYf2gBmsLKUsLBljOknRA47YsSMUBBG2b99lhgTO2ej4zdf9WRbyAyMhKbH3LdpG623d4qBAwzSuv4BYxrXm5Of3HKWP1oxZxypwxszZspYR1UMW0Vd4iSNjL87LP9Mnf4iFYUIzgJ2RnI4gzTGE6vhAvEc86DN2-wAu7RCjAuqQDU05oHDYXv1wLwXOWnQHwcreQOV4ylT53gWyrVdR-bwRYFoNTWXTvLSTBLSMVktvpL165mv84n7JzjylIr5bwHJemzOyQAJHacgkzQpRFIGqIf-StMtifKveB8oJ72wa8NnqYGfJok2v39q3sp40Xy5exdQ7BfpU9o40k-mPHgabnHdfNZbuDuxkTRfWk0AcVhTiB2a14eeL3aYZaBrhLmiV8BmTW1Zudh1hzAUrHgPDpTxd_cqxip-OzCxcP1LvP01qejfMDVkngsBtsu1qxg_kxnwSaER418_yA-_KYmx512J4pXOF_MBDaJzRwjoOTyaMinFw_rVcIweLw-JsenNqSBANxpcMxZJOmGm9pojq95AhrfuiOkB6OlAQ0fesvjdlrg8fzS8Xeuqni-dSiwPBXGYhgSwX37CgIkOQiWIam6M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  63. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  64. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  65. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=tUXFT395Wbt3UkkayiK8Vsmrc083KcUBG6Pgrej8UdEvfLnTQFvdFS0Dua1QUN4fPrmb7IXy--aFOO5uwdf2viMFgvkvhd6VIFPGco4MWw4S6eDhqD-7I8ZMaL9sQsQBbJ2Nol2gD7f2nx2GKw5qApiF2_dVS7BITLhsY6SilR9JkIxujoEIfBqsKGlhkcN17WNZ5d8CfaQubjqzND2dqvO1xHmMkW-J8l6sYWl3LGIJ3stq6HTzbgp2mvpHpugwBUAyoIBlliIqyUCFAJCONXOhNwKypYILPXkID90JQ9BH7bjhDZTUV0TN9emgutIyQSzT0q5NDKst3OzCww6fmvtmwXcJO4NjPvU2O_oyVARDNdDKalJg63b-MhpH2cyc_q4rwWWDnZkxdwtWDGQBUY7Js_eKxCFRjlCwanaD2q_WHvyN60QBnV0iCz3mKU2IlFRcLZpowaJbeoiVvoCOYUTIgjF3Qzh40cLCVjY7qhxZEIrSkFeEl1PK9zxb1TmQNt6ghhuwtSut-Bivmx3IxFKVN4eRY3x4Yqx_kTwU7hIA9Srxg6j9E_rK3Rpdib0YI7I7GfA0Byq71LNgqNUPXe4OG8Qv6MgjCQqXabX1owAstSduROFU2MMmwQ9spkiGV8Id-J-HoulgeSqx9n4SJ-2D0BsPAZm3mISM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  66. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  67. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  68. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=cGpS_jrYPwEpmyErUvIReveuWacyBJYbLtfi_tDrb6oxT1Q3eB8f2whPyHhQPeTrFKYp4VODcUiVq4GoB01gQNNin865oM9Hs5Ygux0FG228_SdgTotvFW8-fMVHOoQxQxUMpTkfx_v4P_h38PrxPpYGAepaLEIoL4A8OpZC0WUTfAOitm5IUVrV8qR4QyFqxAPGecbZVIb5jHl98OBsZOIUbhImjb8BXL8-ybjhxuucCO2xay248CqgztSgd5GXq2UJpcwn91qirA66J2xS0n8cMXlF_49ntZTTdXBA5tHioJ0EA7zij91mfyyoVgUT0dMdEmKVwfnfy3CYDBiYzRmwxFwZbW-9Ri_55Ewgyar_8RAXZl9d5cVVH3PJo4bIjFimaYYKFWpUGdZGaoU0PQ7JySAK81rOnloQCqrROTbohbIcZxGi4Uumrc04HoGWuEGhCTg-zJkse89HhBQ9tp7z7FwlnW01ePaz_LfzolHvfkBhHo378KDanglg41563bVFXdNo0dRyvoTxSuTUSvUYfUVP9T2Ip3H_xr2PNnJHsr9BTNMlK3CONODWPuMKWv3p1NbrB8uxXNDAxOiwtmr_1GxtOdG2xyjSJQELYGJBiaFBoUM0Te1wLihXjVduuwdiDrDQuQU3U-w60Wte4L8b6PtEuwXwMma_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  69. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  70. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  71. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=W2XS8uNkVRi_D_o1o3xUPNckM4Jv_PXuB0jeHRlbkPIWsX2GYiQ1cjL0mZzWkT7Xo6NmGoJnKaW7sb_u3XXT959RHNJfH7MdXKPSjkOCSbnA9c739PKoqLDMapHKWx7XwJ9veiK4T43cl_8YaWjcCZXzPSdZbCgJ9fzXux9xPh8loQ__BDPIrdg1Px_DKo_TRAFaHVA7x_gXqxPveUfUbANsctyFBQR5fnma-iiaUfKU12UtkIXlqy6QSdyq8YblOiq0IZxu8MoZ5aCGk73rlhXFBQOJUc2B0MoxfHRu-kcxVM1vrzP2S4cvHbzqvsUCRCK7ddW6dMhQmyjBy55hi1mNFxtxjnrjDbFQ-cWEMQe3jLL-WtEjCbyXw8Lhgrmy6WOQWNWNcCFdsAM9hgFoRtyHSxzPOrS85lR_ofuCp4rCgkLv9eCcgUz_7NWI2f729mCcI4RnoDHyedGOkhAYVzb10gilEcl5HT6spdKTbtyrTVb1k8H1T43LOYa3BpBpr_flWszhVqRagNS3VPl1xZBHD87mKtS1oGWSgLSQW9p-YTTHo0J3suNta9cqKCoszhgLqxXCUJUdDvTKPS7IkfTygs1ohpoRrQxxCrJ9vyNC1vBtBjMT-Ye_qPTGgC66GpNd27uQfUrnGGDeRwtxi2O6_N4pUtCtqbhI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  72. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  73. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  74. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=i3jPbnt8vbL5VC_rFPOquyF2P0K43QDg0qY3iN-Vue1ZbGfulbnVWzL430hd3oxPE3vKv9dpINkhfhV-kqU2O8FBfWXOky4ls7weBfP6t6tE3F0zWfIOAdE2FkwSoZidcQKfqizGHD5m-HiEVcE_ztSmkk35X0FmFfqJGZE7kQMItm8Pzh2tv3Iu8wk566lUP6w7mA0nGdvYxWr33wCeamAhl43WqmIMDpVzHRqlJMtMo-wnl4Bc6nGUeUMb33lNfLFbTD1mijR3xe2WETIoo7UbwBL1qxjyt7qJP7W8k4KoSc9DrIXEFEc8VLZ5EEg0kwiEgYJ2wAzLdjkrCqKamsonzvjhDYZMwXh0R9fIjoeuDZ3LfxQdTfqujAtOx_APFLQalfzlyRz1m09ZMMvvoVQFiT-0LH4WD8TRZ_N6FZlSmqEP_WV2JW50Gj7Eok558UF27_v9WKFxMybGTlGOjnyZLRW9HKc2pRFGpoYS-I4zx2FL8amMbVJpWCDz-ILdS0cbbXD8mpaL07UuWoycvZL-MFtjoQXRcYhbem8vQGZxDrb7PJN--_u6CvujeXLelhTkjCEZbEdghGh1N-T7AMatTQB4fZtPV9CdEAF653gqL72zZPameZkhgmMvzSoHcsOC1gl7hFyUZDF53SpCtTsDB8qwBoN3FhrB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  75. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  76. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  77. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=gtbom_-5xZRqGuSV5TBpimA6FtkFh3mnDMpX-zwUTsLw97nbVjX7RidWucR9xAsluoG8nezO_k_gayfi8OCbRM8JacnWYTJtWRJ25pqJi4ElA5CEfjgFVucfEIOTDjD71tXvL99wehylG4sKkDWpHwKUfalZ17NwydX8jrqzQjcooFqX8u2IhEn35tCGr04jBGvBty6JfQSHVdvBNt2co_XS1WNTYPZKMvmkzValWSxuzoTP2lQvH_4lNeNnxnqowY9LwVKOafPjbQ9e92DPqZYTREPPs0yaL2WmFrAEX2kNM6Yi0y1ySZ3Pf51YcQoVMyoOuUdwR9H--NdR7MYGgYKW2UUAXmlccO2b2ti6a_KTe2LxxfM1l-HDfFOZvOpaDtUBX38jWrmKZKvUlwiA__GX83u3DT-ryldO6-GfHKfSt6jGG0ngTc33dNebPcSiiAwHjENGBwuE-jrOVCGutmy8jC0Sdnk_VWF30rx6f6Y01rw4yhcgHpFB2Mcp5sedHH_fJIqgKxUz7_8kdwTT-GwgTUIMZN2f93gqchis3xJYCwBApIX1yIY1We3G2EyNHAfCk9xtyiQPBvQhcAlHZlNq2sgGIxyxWCUlR_h8xItRd-vCc1SXpYBzYqkqzeGlECY8Tqt6y7akKkmB1uHhVh_HZzCK7jcjIzvU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  78. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  79. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  80. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=4a_dZkoHvN55cPLGJf7VlWZkqI70YJHIQK-6bx-y64qArT_-8frSRrk_CHzApeYJc34fp-M-nfLqORMmAEdgNcVqLwKeTFEOqC7cARNtIAkOt1I04dj7IgNzzgF-wtHsr03qYzxYxai2TqKif30LWfULtJAUh7zF6YeSPihh_MySuWs0SBzuEUlPJ6rjuW3tMOaV3FbFIQD2UsqLOrsY8jAR5MU9SdE_LuAron7-OdhqTXWMVcGnIRTDiSN0dwuXOPPUy0PzFxUQ5EIXYnETou7xy6uGayIPpB9aIFAhMthjiSfdrKwBnvV_FN-HmZclm54mFCD06nvSYFwfgpGqvXO2Gx5T7W1joJXzzSMetgiVdBSHf7nihH8iRmu115kW-Ta9mRavAVYWy62DlPEb-P4cVdunHb66IAC_W_7U6IcDeV1TcXQflwsktF_3WBjbSIYN3XNE2l5usLQPNg1BJBd3NzfW2FNJ4LG8ce5NSsyMrfT0klYzPVJiqvQShpSHf4f8IinzGx6ovFJkq1d_hG8np6-I6UUzHiIaYnyF6IHluYZy1ygIWFF6yPWvB6KxzD--UjcOaQneriMQlqMe1NvMmrH2lgtPY_vsMoCt-cgWLbi5fYVZWMpR7r8sfz3giPxzEDShJSx0QGOmyXrHZPGVTbdQN9lWmkJQ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  81. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  82. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  83. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=Xeb_T5PO0CyO4MXpRIs9rbU_0ahzLRxLeB-obIEw-_66d79Qwejt2AnErLBBrDLVP49ieNNB1yJCWqlkB3I6N8m-4lOGFYm0c1McpGWKzrjH-mOwVN--LxLxQuhVYe2lXIbbRP32HMP8qId56sRXlYmUmskBh2CYHkoWL6ZBAgzx-6DquszrPBnaLjjaaZbR7IZrcfYrFOJPcg8XjAg9cWDw82pzsk_LGrlZpYfwopFTevZiN2mdlt5Yia4GjA4V_YXJgZ-bQf0HvFje-I5qGnUAUPutIFa-W4Txxu6fa3a0etiQObco8_yfNb8flOvkxIQc2MLwTpUgbEbPZVWt_iD07OpkZQBUpMV1qVnJrLAwLG37mBhvay1ZSprdRg8dHnC_NIXguxROBSPrvUJRX2TpQ3LwLII5cgkjtlT8qrC0cRAqXuZsLKovcQAfqeSe1VHHQ5XkMddGb4HwxVxjDUlzy84RyRLfYv20eN2Obr_-nq4Vo7FYqtGIp1bSLE45vOB8jGSmAJXtaqC5vtXGMVYYA_8nY-TZXPY6eiNmQjZIAhh5Hz6GUF0hWuoKf5V_177dqPgnrHm8ie234nsSsbibLlwerxRKH-znmJVFH1Vgaq4mPRsBiPRB7XtBXmcrNU7SAj26Aom_NZdJXxECxk92CXC1N4Uzh9eO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  84. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  85. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  86. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=rTOuSdJImFDVSJYPWT0EXRRvp4WoJEA21rCksq0CftD4qPsSTgj9dKNUzwL5ErVr_PqqvfV1hkH_7e_VNsxNmw3FWJciBnwHzpKdl9PF8b57B6l7_i67js14biZ-sDbiBxUb5sV8GowT8g7QJUukLOSbYc4P4Cv6R4iqV6oBvQqaCgYNSuyLe-h2AsGdvUSJ4F-4P-F-qiMnPAMgZ5x9GTbATNs2Blx_hVjGQK6DQA8_yPDkyGRO4Bsd_P74Osr-cPoit9UOeylCvXps8XgkIRH9_HEsYdm1t3fQ2b12XFEYIgy1vAA8QmwQzNC5n8EmaOPUJxvB9YitIxF6w0RL0PH1343bcm9XHOG8PiOLCvr0btyx_z5lsksHHswrOW7Ly9Tutk68oFVIAl7mRJgoOAzMZuI3H63qB5cuCTu39hTvVSSrryGByJgd1xpDZyQPgy97zttDtjwGrofz2dqiHsIvqV49HwucMWxO3fT-5t1l3xF339s2VPPmQx5lIGEku8K8ecRKI2-9CbQ__FnozQpUU9gv-yFkxhAuTvQsIMgG6GtUXeWJT0sz2hYN4K7RHfD1_Ih5cv8q5FiWAX-nT44pJJZ8-NyPlSb-UGSlPmtycW6Ms8P-aCO-rzQdHvsN5ADHC47vgHva37nk0qH4H5jRmjT4GZBSR3xl&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  87. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  88. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  89. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=9ChVhENbNi1saeKVRGAlJOCC9aJ3Q2EJWC9c4lfD5O3yHfWlToDPTIE1_BcrUsPHYgBFwp_2sjBGVL26zNLSdBoGWFzZV7iUlmzI9zScXjEtW6Z78-xCjzF9WPvNo3fuKZqw25acvcArCDmZWFmmwoO_hzdJwN8ClEIddavkSYfFxdziBmrgsaXvlafFlwfRoYvV5fAw4Ik_rL2vbdLQPH2MBJ-mLi6etd5VAm9isHL4R4Av1DkOuQ71bWNVexgkzx1ts47NXbUf1iq_Ffhhx_nwuHQ1l-Sy6aZ5NBzNk2hjl87KN7oGn_XkN66XGNeS29DJj1sfDSE1TrvI7TbUPHI_VpWwr4vIh5M3P95Dok6XA_Rxv77MVA1z6TUW5VTqbPaUNdeHyu8E8MXl63bI7y1n_osRjcuW0EyjvkeRtfUl6IArNLXmK7jZmCo-kb1Gn491Vx2By8dSt4o1KdJ0OzK35XQmcQgmuMGbrD5aQiyWManGimFBQKV0OtRI5C_bBjZFv9qwTX2bN3mtgBH7PNNlFktSnPKXQXg5sDrJDn26XtplezBJZ_aips85UOqfhjpZqGXMSgCwLmS5a1nEErp94nsCGqcP2MTCuIEtdmDjST2a8BwJ3VCDbFMwIRk1OMvWKHWRWgaa_eYrXxTkC91RAAFpcFol9hLX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  90. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  91. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  92. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=zjMkh4ZCKn6crF-0XTJBj__qehrYNTu5uUkgfhAI3IRxasnc4ovi9svHYqr35oL3wMzIpP8QgxmqXOKAybsuBE0A0msCi-4lTEZK2DchACfczS0KAbrZ0-QBpQmMAgQORM2-nWgOmLN8yZczIUSUb41QGYE2fA-noorvH3CHHid1qyImupyVKEfstAtJ6Sd6QN-LZtl9TizhTv15qrVdMTL2WlVWICTTgcqQ6ZBIM-dQ0iQjQ3cxTePHlIR2boGBRtbTDQEOO7CTRaMcCbU7Pg5tCZ_FQAU_7Z5Hpcbl_jcs-cdfbs_PmhRNz5mpfaVOgRECfa9il05g9nLHunqFcOoxyepGZIuLjRKQ7B3eN6U1izjmNXX4igzZbCX9VYnMqijK3ghkClY0q-IX9AyrU3GocUO067eqdfxyWueCpkgA76dEBToxYTKlOGzttmnyv5mxkAvHFKVot18Cx-pbBJjNnShrrCDUJCR3btuQ4WM9ixEDNDJzPkeEA7Ezb_32DGw_Fk5I5fNQpIJ34KBEaD-wcbUwC4K4UmuB-zKhWBeLpFPKArSVjdUaczVqq6dznvUCwZDqs9_fgs_MAr2oHvxL1uckOsMeZ5qdSagvJ1ovNoHfneVdiiHAOjQdP5tJjMaqSH1SpTapalOJLwBc42_fTTAjh2wvpDiK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  93. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  94. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  95. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=-IceoGKbb0uLhbyx5WYRYKqd5oQHdaSlFde173P90vEVVJgWgeDIkrg-hU5-qxOgGsYuRG6mAf4yfO-emSDjvaqEoDtjMQsmJ-QPIzK_9qkCcPpfO8Dq44Bkw2L_sefAEsc3jV7-7wuoqDD8sOE7icTmGjhhCRH8N_WprSgc0sexlSpf3YrXLcqtXHkTDpNGxxZrOS3V-DLdbZ0U-9IHu0iOVHlVXz6Ez0au28wxChnk2-5-TTVtVmGaHj4gALspo7Ps7Vf9dEzMGm-ugWMlvXzSRv3Y5k9wAc0QADTxHuH6z138UILyz8EC33bRqtcqEQtfyR7j0hSFPO18BPHUafioiO1NV8e-7ypqTyaKormtlzKVvGcRQaNL4oe4zO4afwgZOO7lsVCh0qKurSj8dJ5KWakIHJP8AjbkiqcbwD0EK5QukYHSsu9D0NL5qXwgmrY0nsPzgJ9lqEuLUJP8QyGy4_MjN3aF0EVm9H4232tqlCDwxg7wH1MfPLgIoWylmNlhTsBDOo5gCI9rBlG3itqh-H3TNNnYjeQeKh6aOKjG-0bCteurhmBxs1mOpBbBHt2oAjwULm89WDqpBv428mWuWi25re1csNAQbyFv6EAXZHtbq_Jp_HwJNTAPUn-F0zeEVjqJZjWlDd-OYnIn-vvEQB5QJJhq2b9s&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  96. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  97. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  98. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=X_EfDCD9WEDtIfc-yCft32rp78mlnKoHW4NLz8FbxewX-W5p9-PXd1ZtlDUzdoFyjaGIJ6lTWyahB_lHowuX-Uf9cMkGLY2aG8Q41QZdDBwTboriWZVcQ3Oj80AA3hnxCFVMl5CK6hC9sXqjj_YMWRUYeRBSkIc1e-t-_CJAE7khG3beWSUq_bGUXQe2xpeVxanMdMgN2N5ojJa2p5-47AzWAPWkg1ijgiUW4EBmaLUH6vcgQuQw6jnEBSEdeIBI9cBUHgHoP_j70X41jIk5ww7lV4sLVn8IzHiQr1arimPmtozG_mFcPMhe2hab6bNukTh2PCbb6FK5fArvAZpFA7k1DqIpX8M1Wjq54pYwF4mCdR2vWOv5MyqWC4LDJLjdqTXKjJ9QG5icv2bCqdkT234jD1xc1nXs6YnMGhJ2qkTajLKDrK-WaKujPI6Aw7zO1K9jiONHsKm3DgYSNmUdRL2FGlfAZf3RJmMB9VAxB6y_LS97JjYIIsQWZNZGgb06IgVebwuEXYnMXYc0JVER9WhUWMv1etFbSTBdlc8PsmbPt_EjTv_EGbo3xSbOEqwLIdGaVmkoDvRPHM_cPEVxyfuGYFzTbGWwfYK4wI8A1pl9y_TIPwkFsOkelT883krpwhHq5YM_V5jexURP8u5xR8qNt13QPMz55FF_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  99. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  100. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  101. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=f5p_6ngS3Bh4GY_lxe3BAvj47kvIKqzyDi_ul7mLSxljInzqwAmLxlNf9_vX9ozSGZUQNHhAFsh5y3kSNAMoEzkS-GJq3BVZ_-5TFpIRE518J7siRWWmgvS3XatK1eXUQhMk59Jkwgv5Bw8Cvdx-8QcgmaaOCmlYBH8_zfOWonltS7kXTMA2jVvF-QYbt9jRH8oaS069Uc2LA67NCNEujmhGmHUes7020UyrF4U6D5PlWTEzr4dyCxhmNE8qoKcMg1YYCOfoFDo31nkvWasfLArOBrxrMa8WQndAsfQ9Q3UYCbYmHPPD4MoRvdHDCSDCJ5hsQOkk3McCYIxpzqT4-NeXf1DEYhJ_F_jXM5geOJ03R_Iudh1-6Uu3PpYpfK2108fhXrTi8M6uXz_tbtBB0p_hzIxsn7zIzeI8UxD6uVGuh1ncbXMmAi2-gN0JLFxoq1ckW7_fL3euwiAvKnY-Dkt5tpVYdEw_ltXStVbnYvlXWOpKq-XH_c8Fvf4ertGs81lOk1-LDF01lvWO8WY7ofOLfyl5EzRx8tz2DD3C1JyjG8cmOUshshZlZj7Da8HaxVQ1UqPnfUKnvVLOTpj5czGFkToAJbsSzmzt_X7HoOJHroso2xnb2P7a4nd_C3a2wXlNv8yiYtuuAnSTpvEkJ_QwZUQ4KCyBByJO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  102. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  103. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  104. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=0frRMRQE3-dmsqMhv3mdgcSt1fSZMmvVs5X4nfJ_BXNds88C-Ld5jVxUg-QLg1fCBW5u2405EAAu09x4Gp4hBNlVf20sq-HWvEuxdb1f613pzUZpM1o4w5sLAmMObUaoOKWRXYj2i_3lgkxrE_cuFTFvIYLZRRB0fNBeAjTHOGwL6E7uLhWXB-A0DS9F1k_cxN1prP-An6zDf-4k6imwUFzs5eYDKajJqmaGvZhBC6oZ09S00s9DKIOhdiwmoafcAHurXbi2m5tYhlur_PdLxB35FvMuTlIBxmbtZYYUaCyLvaBadqzCdjPiUJqqgPs6q7FAAJIwR0roRt3sQyAcJD6FDB6HIYX1YyOkOZmy0HWFGpODJynFJPXSD9VxrAghv7ulj0Ov0Gc3OzhlmhrDWbgp1WUJlDSWJw2NmXMMQzdDzYPj8Pl_hAhqIF9zbZM51JrgtBW8vOxYmlPzXHRIS6J8UxZHGhOAul-mqZZcN9q71uHQI8Q_pU_8JuhoaeQSnRIRtxi3b_zJucpDoYRDWKABGcwdE5HBlfyduH7b_g0S8xZYC2SSotr-D4mHmuO-2_yzJz4_h9ExF8qav4sg90KzLHE6DCw-iusaoqQk19KMtLF8KVpTGe_j5tB4CLIQ11S339WovWqtuQV7dUoizumGsrf0UeVQNB_R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  105. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  106. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  107. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=eK9zHn0DQVqSPP4M4wduGIygacauc1dt1TYRQ5b4Y_q4JclQAZnbDuTrQZjd3oxX6uNnu8wF8FlwcaQI4VHv8-GOCRkVPOaKHg8Scftcgkfq6d1ec7GCeCYnKD5Myf83-PUct9zeY1gcSYcZwJ-hai4UJJclUXDFIZoAGGhv7trWQGx3XuYNc-FYdPGIIXnZlZpDNmF5C4NBikcmKAHSXvmUkAu3R3gkiXRpSJ9SuGz7qMCB8exVq7XMs4cCXnBEipR3bLFt6RcWXCtQXBbPgYtiTTIJIh_YRGuel2AmAdrYk7dMLG6qbjWqTqVACRi-2g60xu_qObDBwa06GEg3L9xvMos2M-TutTr5X99CbRoQLUv3ulmIYb-luG0E5sWD8XJVMIVGYwwomOHmTJlwjaFb7-2bdV8Yl9locq_-nzr9n8CcX9IfgIwzNnlkcRgiZC8X4ZQXpB3RxKQMJZqbPH8jnOQT2MBS-vLkb1OQp8KgHWC__6T04iVlF-vbV95YQqUi_kKV-s5AcQ_9TasQY400Qw_-vmBNYRqiNrNrmmw5LQXhfWXBhJtHQSiDNNQsvFwsClBryOcAOpuDQuabiyJ45pavpRFnH1hfCPmGFShXeGE2BMsRXEwZj_FuBotUv6h8SU6lFHMYFpBvOxG11RZx2pfYI5llLy0k&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  108. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  109. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  110. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=a9v4w2057BQSfzT_opNKbKxch9pJUTK4V6W2C7ECX6l7Ahk4t_EPe-RUSmvAPQh7kLQvFO3BEpk2S-o9RAMOEi0LMsHH4Ic82QqX0BQ05TiBnquf364iss6KpvgrpzN_v6Yb-p8pZOomK1EQBP5lM_8yl5v3tbaIJLGP1QvxI5CWiL3RPKkYbtW02roeKCZeLhPmZQxMd1K9hHUo_sOGBFmUefPi8gdfoM6E83uQwU5MuPy_cG6jopEDQ9ewuWUd1u_MiFylDjKS6B4_pFdeYf12xGA_i3OvqWC8BESxlI9uXAx_Jnbkn8Cv9ecql8Ttat1hDlyg6nXZwtlD7xFpAnCpd9_6hGWSMiuj5wJPBMw_uMme0T1NqNMwvAYHNRYANjEOKZ3A7GnrwGKyYPI4Ma_CVRQTVKjeY9eKrEDc5XAEX01bK0u7sIofKWDR-5D87wk3y2M1kVAkSi7gC_1TPhYpP7tGPdGgC6-NhdLpaSaJlVZoEIcfVQosN-ccwYJ7qG2GvI5VBMj0ae7YkCP_YT64jWGaQ537146SZXUM5n_XT3rLliCzklbAKg36FiCUoixP2G4rJJfHAC-vjYzfRxEBIVwE_5Ua0QFdAfFhA5EK-uVDIL_gQpqBLc_OwmxX_3LbijgtGJ1ifY1nTKw6qyBjIJDrrFJD6h8-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  111. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  112. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  113. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=giCmp1NdZnm1BEb4gfRj-yYB2EiBSuae25JBtWs8MfpLemIXkaTkefHy2t22SOsUURlqEV3vai_D_loyAjwf4YGUSkpvBFBi7DHxymQBkGkwaRZ4O1rLLfPwWdyVSQGvedqwvjI0ICU_q1GAYljOsLiYJovcH_YBx8xv9BMf8VmEL7b13LBmkF9iZafh53p8cQ9V1_iOXXrShf8mjIRx6Qa_xjmR5Ebk_GHpKnMTX7qhpNWZsixCMJ8jh0TZm47RbKs2uudJYnW8qhu9Yr-U73TsM9wh3r0Fup0qivS2TWGB8EzWoONWJkFGIyqVNd-PZOE5JGifufIOFJC6L0sDAAa9cctkpOovKtgY-qEAV_6Lfcs-lGXX9X0wAviwpSmfIIunPJfoVxMxaplP4lPehl9IpWvdqAGhauNIrQr6IdajgKtlE-UGo5rEXzHjdN-35AZM8bYqhf8KterJEucLAKArSqmUTUtV3TQWEio82azQjAwvjeuodxnjyZ5bvZWOqeeiNd_IqhY_Z6NyZxPSJwHcJin_DB9CFdae0m-M1KkHCeb9CD0WdNctzwQBbkSU8lD7dQxCD0oWkkQvR4sVrr_G-j4wHKStqoqqsE4afEVVadr3oyc4md0tYbNQboMBTHX9JPygB1RZTZO15pDWdnD5ZXEEVSL3rTo5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  114. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  115. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  116. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=H6pl0EwxXIZjzBOKFYQA0sB4YjckiNCWAeKLsJK5_bZAnhLDbZD2lX4NOjEN8Lo6DZlkkGM8e81g076jKb3mP2AfuRjeYv7hoE2_trm6txZBD0y6L7r_rkJeb2m4VmuFfeQWHZudL39Eljp8CqYgZdbVUF__uystqdw0aLTKyupgxsIabW_ZUlbVtdSS_CbI_gt4g25TpNRdKiJwLBVX7HBsuF4lWgzjVZqOw5BR_Ur9ng3sKZW27NAC9azlLFtSj7_eHj9_C4G7ejVCoxBtHjkA3UwFf5LVnI2E0EeciHBygtjkpIcpEoUhKJT2-Pmid76e--V2NykIbCl8934LJZmE0Lr8bk3UbfuC3O8Gb409mviAjrQgyY5Ad3Bja2eSRPYD2B7wGv0eBJEOPLbYKZ4A__-oWaqW0H7Ko8jJkWIVW_pA1NOfUV7VxAUGdDxpVQC_ByUp2901CgRI18GXZ7P59QEbRGdLIc4bjRKtq1BQdFMxfWnDhVAh7Fq08ZSvmS4doXgtx6og52PXxO11247qmPxbbfmJ3_TlG6I1SSKiI4EaTf734rig4Jxm7oHCedvPDakCrYRUbUkbagJZgZxhkugkKjiQXvFNSm6ZXpL86yPKI9LqD8E35ZMCyn1OLDUPjZ_O1XWkFd2747p-HAsbxs3BPESzXlGy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  117. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  118. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  207. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  208. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  209. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=p_5CD-0e46cukgkaPJyYw9mK456zXArmtcoLuE91Gk3ZXaXsI98sUEplkIvFkwExzUDSNgL8r9BO7tMFdF9Fa-5FJWikXaa0vhdugmnkut6kGTVvYbkMFx_DQ9t915IRVukF_vka2Nwq3JPRb9LcyxET4QwZzpJHMkFJ-CA_Z5khUCSMuI7EiYd8umT4bxAIgGUzpvgXz8ZxlmlCzYPzlPffNrXU9orAH7a-8azgy2v2QJCxD9jFs5C43QE74ubA9SFvwcXJ2eaZtNntvH-KNXJzXJU5JvUyMpUp7Z2Ju7I9gVdWQ7Mnvvo0be0NGzhnad5ksJFn5u8PIt8Gfzlr6OSm3k5XnCZQrbgK_NhXmRRUQ6bHNiQNOJLjI_r4LFn9_4jvW5cq_q0Ag4FbdihYsCakY7rcIQVq4NeczRF4__H02S_E_J08nb6_j5eRlxMNY3jnqBQsn19kIcYyhSPbTCOg6z3pbxY2Hio3yz95ZjxmufBIeH0wayew4zgRv5gS6PJqz2BrlHLcZuRDQJu2mw_VYZppKVTJA9vQL6jKWtAZfpRC-CZdqdxTyq9tnASU8A-lL5guFP0gIm9SzziluyR-W7DCkZTLz6J0yHlJ5ac_7b_tyLiSDyPX_ixd_6hag6kOMit-GdWeicXWcscpB7-1Xq_6O2sorMt8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  210. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  211. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  212. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=A1IgcBPXr-vKtEX1fZZbTIf05rL42BERjHZQGyaoNWMHoGNDRh7C5x7ZFenSaGUl84gUdy2k2Yh6iuuV2Hr1S2ZGjYNIC__quhY8bBx2uAXQ4emmFKRQzJJn5DBZyCqgSRSv-_lvBUEb-UqYZLObIFhEdfhrjB5B5eG2W-Ct18-8zJyrB1Dqgj1Ps3uwYVD6TLVa-E5Y7leD5M7nsd6g0PYj7KlvmnozqZPoouadgakwVgtoS2DeIsing9yjC6e-XD_KQ2SKLcredjvG0U-OwbHHxM_oCHri3WjUZ_i5wtbJ8vJNBFQR3Xdut4M1MallpH9h9sT_6Vu4DDuEJsham1TNAqfHfMnICxQttAhcLmTMXF8a0nTGlZ18uVTCib_ZD61P7yV38wp4k0peHaVF8fTH6BRbEuIZo_vrANwujFzD766H8NHrjROsSXJzefNHfqFHGQF32DQjLnP2e8XvCB9j9EvfJLzRnKw71Wh-FnKl4QaaXOoo0trbd_B9uKXs5fsZMmwBQHbhNBTKgnLXs5H55vPpZCq2uNe10fIX4ruSkQWjuH_X9dEETibqeCVciHdCHO7G0ETuS_PKBskMcqPYLjnHX__Q2DpCouiRJ1oirUNZlsGFiV4qRD6DtzTPS0USXBIaT_kGHNeOs0kCPg8XLLmI4CIegQDG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  213. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  214. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  215. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=5N_yjzwN-7pwtsZIBNMa8cTkf9TMGDO4MK25RoG7QFYhWbWXBzItekO9Y-W6qLegJ-WTr6GdjceczYL80R5wwCHM1oSEUmyPm-me0NLRlscsgPWraRk3dlz21fhlZd8sPhJCveIuH-Smvvt-OWbY7TUh9k74zeIzIn_vDZKHnCa_EdWU4O10PF6eCj_59RwM2DlKkTGsnPeXZqj3WqDtbXgNxXA2kG-5abfOTljHzxLszJ98OYenrsEIRa2P8l5J_LZsKUJrPp-QaNx6nbb5k298M7OXAnALnAJCibhpBVS_tredl81sS6tPJ-y-5mCVCyqUepluBcWsSirz2B8Y2RcRVMGTW1BOl6rIZSEGMS4YGDiWuPzN6uTZBECvRML4CHCkIY6gU1OhncrcFZ89Ap3C7-GqmeHaPYwYKaUQyo7Lxtw91JtigGUN1tU3lVyMRavIoRJUsi_9K3soPy9rin-k6pqo-AqQ3d0xlhtNQAu5Idhvl5THeXG0w6brqk5zn_5Mg9eieT3a2v53__MYnDvLPNreHiiziGtPQDXEXeenp1-zW43mUkEjHXTTf7V-Lp9Sf5uhmB8LHCXsYxCgC4GpiqTGB7t0Hj2dC9uCwIjz_NUDJqXzNuzLYa0sktuX9vdU_6WDzbMZ0C5r0zWeHnOJ-sOF7szWPrKt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  216. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  217. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  218. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=cruj045SzEFS2FNuF-N7KQ86wd3HRdDu2M5R-bmC6Q89pM1Kx8pK-7edBFV6EOw6L9whi30Oo-yFZMI7d2eOaKmeqkbYw9QG9O-9mxKKTHWUUPWwRs7T_WYwiMSAsq8IKd-EUInrlQPU-cds8P9acubLV_FwGEIsJJmWALE5wkmVVrkfRLl8HstLNhmSAZY_wezHWnR1QIqjGKLtMHiTC38R_74PDs0KEqSCbQxpHOvUAQ1sYGShNZNN977h41OFUMiZgMpMHtyHY1F4Mnrhebmm4iyAjENx3HJ1sDZujKJ_DsHHlqz1Vjv3p4tkxalNDOrDZJpyZ9v9p6N5-kwD8crQI3VC5B-ZxytpIvQBv_SUH5nC9utyGG0pxEFgY06JEVaHTk3rXx3-FMNGUbsOVU_QyBn9F8bFZWEJIKOYUaGDNryOg7c0Rq4F2kFAMi_0mf6a0px0k_sdyBvG107eU_Io8-PT5WQ5ji_zL1eFMp09LQuJ0FvrNH9hbc0DzNqsdLU6kgDAKJxy-WuvxO8QA-BlVkZon83hVBA9-5tWUqSapHY-ZyVsmx9lL0AYUAAivX3ma1Tjm3bEF86nn2-PP-P9hCjG8QURWkvGF2P_tVaXJxCDrMsjZE59ZcR6FSFmxqh5Pza8on500ujOkkPRm9wDzAsp3LxtWKeY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  219. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  220. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  221. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=jQf_npfcx6srCy_P7irSW6MVDJtHZYpKuPpoQ1X0cLQJDUTnmkfyIPd8Aw-WVenAcIFGdFkuSOC4sYKm3zN1E2C5nk4naxGOQNImqZ4jcku76vKsqrurA-EdzY7w4Kxi0e6hw1xwCEEb0TZul3Nen2OJbfI5pZ_cTlsXcM9cp6SWz9Ure0ZXxxnxTUF1ONe7zYIGWBAf5XdeC_S44ViXu9f6ri9K6GAy6hH_9e4eH_VyU6kbE_YmuIuxaN2SqDDI_j0AvyCwbybuVDRParHuP5zfDvkwHf1fdgV47ysXevhC9hyaGO9UWEWx_-3s2cPFq0-Zxa6jcfOfrVu1PE3CXuyLxHfmwGvYSd5eJ0hLSB5K6s09XRhBqiUia5TYD0nIr9-YHvy-mUsvZ4iHqW18YV4_G1GFkrjJEtLKD3XWIiygipn-8fZYjyBTAyZ8GfTqxKS50LgieCzkT3fdNMPq3iCKH4arzpYsGaHvbhB9dghVdm15L6ZnXgw5tzbSE7xFeDZgMTyh6P56R1EbA1S_bMwYaOiQzjbfZ8lRzNCEh32_pZbuZ0jcsgPBNDtPCuOzGRNplEY3Fa7rFBU5ARc9OF0VW8RH6zqOju-iRzuwuJvoNn8coU3xrWo9XfgV4sBhCkd97eBryDrHb6RIEB4mZIiIQUEDsGfeJvSY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  222. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  223. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  224. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=TI_zKQYzVQTzFyxqHURJ0PotJOI6U0j8kSdCleL30892sIjm-BSfqbbGBdcf59N3n8Ft2ZfCXzCuZXSwr3S3pNufeVhLrkK1ABxonNOXhLolqdvsjgL738RGD_84T8HmmgtOV8sIBBMlTnc9ULi1m1wZDmyncCajm8zN62XpRyxPhfuSxQpyy2wWQi6Aj6WqCGDuOADHLtmNOSvVGFQsdFDSbaCfSIpxIsn3OEOVxLcJntfZ32BxAjNoa06f3oc9RGRqr1xjuAWLqPWEDw7rkgTf-6Qp5lr02qrz1c93_REjrLybsCSMpdumxixReu1Vu1doNrPrpbD7nqyD98NHdiTLyj16QZ9eKjxjImXcBR9r9O46iLNWHoV7lADldGolu7O78xyoabrobqGtxBl45EmJiZzTYUKhKoYB33-artwrNwAkYSLNwcezWAuhGt3vSemqLV3sFHTGdobqScuyw3oJFVS6qY-MlKODS9qTk0yWFWb_voOE8h9uX9bt13-wDKzxpP5NIp7KHvksGtXF2yE8kwI3wFS5ebvew759ZyYlvhbcNR0CzsSpGBWsj1AhvmyoVqggpPgkhGJz6-Qc33H9pFWIgqwJM3MWUEjMrGbqSl5gKLGNpFIpYw0X6oi07tkH5SbM7ZBC7Eyc7_85I_SQCcec4_o5vEO9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  225. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  226. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  227. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=frVN9dNngGMYsPHwWWfdLBYOV9cV5pj0KkOGmiJ8UvaucWFoPJTU1MILrbWA9wyh9nRlBZuQ-JcTy5-VyFWcsU6NYPhWSsDl19I4ziSZVwYUFgTDoB5reYkUnF66eBHgxfaSDrguMFM_Us-ZXNMXsZWsJvQbyzV4Ruv0cuiF9dm5TF4PWRWJYGfQ3jDIbb_TtsYI5S54cX6LZZt4Y2VnlYHxa4Qo3Fn3AhhUi9e7PloWUDhtTivQjiLA6TVZr5HM1WWxN5TbmFkylZCytn2xMzhb9DPyaAulzyKl7iB9MGvmKN0GfKWH9-ic5FFzXBlXHCR4A_6oYzDLlv_ErcR7Kqr5CIwh2Nzu_jDCBbm7CjZg8elEQVU5zu0LR2p34SKByZfilLbur-BWDVohhXGunCtaH36kqaGHdzBdHyGLbrp6Tjctaag5MZRSNEjFIRy2vqeqqPvOiWxNnAbGnzNunsA0XewExRhT44Z03p_ryhEp-_rmqwqqzTyJk_Ejpgad7jCCyi3gaem0so599IDf_IP0eG6jxgnb3isgdgeMc8exD4MziyEx74t7n4SbnhRl9iIRYKvfXIPf9OE_mjGOx4yQoIqWLH3U0g1K-pTPy1MAcJoOKVadPS_FSOMwKuxYgbeFfubI5hPblykausFGdY6IsH4FaGai1_u8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  228. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  229. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  230. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=rQQX_M5DybGA6KAMbHbm1wsGuyh5B-WDHDyzYcmSrgri1egeNizjn-tpk4ULLy4krqVu78LEp9DQD7f0ZPfP_nK461QoCLx1KZr3a_wUnYDPqIhe2fvdXmTLPz_glUQeXB__vCMfjIIEs8uJR5FrH8StfgcikluSxqz0LprpIrVsVbUPHUw6jDD4chHRIZaFXfrV8Q6sFXFAxotHGg1btzbH8hxRkF2HAHTmDOOiqhfbh9xHB0j0GA7XQr1YU_TI5Dj0Vi5L6JVvXA40rF29U4ABs0lSF2ZqnN1isd9hRT0neQ-OYeaOBZs0j5tUgNj1dkcekOl_FP9dGxQcUKcQ4vGuvMpNZWBNxVD0NLii9AkwRuc87C3Ty4Tl2j3DiUBX6m0GXTtnOK9FZsUkNa_4bEa_TzI0IR5RnrIxIwCKqOu92q5fTO_bgPJmx1QiAy_fp6WF_kDaCfVNU0DQqwJx11YRV-mJYoQdQSZdIz13IIMygLEfrn-lCi70O06eFG0oVt207mw1lEVQFutwKymoiDU2e_dC4fg7SgswNSu5rwric69U4_P18gnqq-KAGHUcTsuQ6v-dRXRKtZwsHwOlZtpbo0uJlGPBbI1nM584dp3--M3RnR8i5ZLfh_VfqkCUNWE0T8vDsVs0lutYnEgMbJJ5RMWcbpgh34VU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  231. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  232. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  233. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=gomq9Dp9qVJZR1aW2FKQyuweAAVE0kBz17WM2cXZ_X6IMPtuE9BRod21X6KUq8WsMmgUzf1mIBhq5ceSGczRK6-Yq7wzpZD3wvGeZ9q_CzNYizo9wIg89ZUniEHD53seys8wsHGAus8c-gqiiIdJKntRwtLzdLBGiChhmCDD_aRWSlf-nK_iMKo_L59-vrS7ebJLzEKoPOLF1IHBMR443UWzzmSJeHQ-H1m34rPWpfeobMWEihvb2PzsXDy8E73JyEwZTqJPyJ1gIVAmgi5QMdCrNGXSGNCKDaun05NFyUa0tLnz9ETUH4ooRQkkRxu_O-YNdkzBt1gNh-EPzzc2frgZFaPyIo4mc5FdK0ghjJzZqGf3BsumLvVLplmLKVD9WyYoDEXkvJpAZy_OoZiHW3bBFDazu4Tc_idRCTTRy52uCPZa7JXf4-sMhsIaWCsnP690ujW484XQ8k0EqPZenaYPLPSAbAOjQyu5mdoNX-DNboBJKH5jcGwfvjueVmK3rxnxTCYULTECsGrQtNdXscZpkUMs4wzrrdOw0BD3tTvkTdgkSQtyq_tuqeQk3GmNtgXgdRoigdd7sfxzfIgFFuJO2nRf2GF7mWYuia3shM7Oh4TMH6AoewN9wD4W_k4_5_BYwM3sz5AB6pAqcDerUPWQKMuMN7qehMgJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  234. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  235. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  236. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=Z_LEuEDvwwQ7WRc6qOAc5wmtMLvPu23IO6kxQGuGfxV5TJv3OWfzOFtFSUq5LgMWaPanXnwfffiS1L2eZdaUKyP4dEE69aaHjRodZj-bqFemb4rufdgBlYr5UW9Lo5gYr7nZCdq7qAp5Zf6px_ciVXNjdhzEctvt1ufhX-E6_B3WWrojMjODqYFFgla9K5A7XMlR-OnPreswY1H-8UNxtxULThxP8K-mglm5dXkUuI0Ni6Dh0dhEQPICoV77hnblkSX7HIT4_XF_NFESZf8byVRRHgFknrzreL7DVmNarCM60E65lb4HKVdXaKag-OtaGzIlZ1R7lfU9sNeR_duExLpsjh2ODFFHb3_ju1Aid88zWZW1SfXlMR-0CKcupa-qeFNVjey3VrfVaAwBrjwtnO9msmblnhv-ukAykK09QoxchCXLDsnzahIc-pfCydGMMDiJvmam8tukSX-mFqHgDOwaHbUf8WKUqXzqJw3xKa8DoNlQ9l58Q70wmH33GPER9YoVHww7PHEI3L4WmYPR4lEGAjc9CpxdJP6pQQjCFerlBKI3vozhHTom5Dh3dihekf2fhitT2nlRswWrv-hOJapb38Xg5KKtjl4DKYig60hasS_hyrqdEJyInIPgkk4ZHwTcgM_HplxceNNSlFqe24RWXEi3n8nF_WHZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  237. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  238. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  239. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=EZyKCZYDtAh-I1KKaZIeiJYKKPOus-mwj12E8wehN1rdozDb7vcKGiBDsCqDkPGnFZgnfMBSaUQ0Aogq66jUH45ac3r4RzJ0OiWRCHZegJ5eNtuNr_dNPs01m9W3I9WAvunwYkuUbFaQ3_yFrvAnZFsQgfxlFit4JRh8xMNRk6iQ5ay1g8FDDtTFJQhevm5AltekJcmx7lNsvUc9mqmhAmMue7z4efdEs8bF-26vxG3eyXOL09KJYz9bYVhAuZeBvnBdkLgLlNvcZKxU4H72h5Dr1uH1RTKaYJ2lBPfw-Ora5QLj6AmPKZVouM42qg44jN7eIVLmzn4hPaymrcpOf0ZplkYoAywrtNeiuKl7IhU96Fa_3d2A2kkIoj3iEE6r6DA3zmj52pKDVo1RBXwgOwJEZp2uYamNjKdDPWymHL2QhKnHPG_v3GPyVY9DW9kyvOhkTSPEsWE4YEDIhspkfdb6HemzaXPurtF-nhdEiSAtsODxl-C73AGEqXGEjHptx3dj6zam3-ZdixPNthvA6MN6BzzHVM5YIhhK_4rEDXwr4IE35_u44YwiRNTzTDLRCt6pMG9mKayzkqWtEHmHDWl2Owmvqt-gyP9oy7wDKEpJNmc-u8Ga-uWNyh2hhcKfVM5Bg4sp1m8GXe5J2xBeRdxbrjCic5WIasy3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  240. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  241. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  242. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=MSr_kEDUDkBz--jlc0t5OIBEJMNUOvtoDWiOrTw86ntBYWwLXWXCyz7G7rWDE11ttUjnEmkG9oaelujFJtoZ6Ram9SE2mtxuoEwZQnqIpwATvRCgT9vVN4w9RIpOlkrhuk_3BZbBmbbMGZX1EmOTQtocb03I9_gLNSsTLVzNSMcm0YkR0hPQWqsCmR9rlZcaMXul3XQQ4uTBzlD1V2EmpIU4JgEcTD4ISblMQMDP65tkbdcF2GPNAOLqNaBcabJLujyVa7_j4Zmd0_HQM9BZaZsUDYG8veB6_hVtGqsaGUNXdFZIK6Ta3e1eez93XIL3ra__Cx80sD_a4Eg5yi8BpIMekUPLWQYYAtocbFvHyKYOEwGPc3EYR08G0rRmCR6RdC4o5bL0llHFxQetGkyJYTA8kMCm9rh0E1tAXOVM8LZXyyaYhg6-AgOGynsS74G5_rEJOzOe--ESvJ18qbpYm9_DcX-i3ziFaoS27721EkjzOizSbq69WBM67gfd0sdA_lNktK-dZ2xEAbQt58OzbNwCjQjsXTcaOCWZSijDa7A1g6QtAVrlHEcyHwQS2T_XDo7M6NvbX246-zZWXqG9DxRISiTD5Wi-lwrkB23pSdZERrcBH4hcjTYqa8iyEM0nF2UpqNsqETa7DPxBRC8J_Ja9EgVBjDh57IOq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  243. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  244. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  245. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=9dT8pItUhtG_PEGMgOpiuY3adnOEbJuU8sG5Uy9lb4UKkMbueXtpHamwExhDZPawdXsoGWHr7zFaSRME9YlkVqITd_yWXwl7G5CaWVm3kyAY1nRpv31XIWp5SfKc77H_hdCXRqiwcsgEJdaEv1rEh1zXSG3JfXBLMuZZ3kl-PYUThVwU03t0LnAhunedCuU4TCrlnjulPPOt4WpJySvxKm2X9VQXxLfZ1KbX6NmtbKGm6ZYK335WW49AINzxDi74hY4A4ble2elqUNEIcWMq_mqS7yZD5b7RrXTMLiTtpJxjFwOAB3Gzg7hrvWWmIJucrXG11IFBJMK6OUFAzZdHnovKp6_cdR7yl2IjFPR9jNXMh2A3dM8c240BcHruv3BUEd1fIoKTAbmVPelY1xrOuSrHZTv15JPATFYH6Do5cTWxZhRtAHA0spL12p0oI19ENmQ58BxF7E_a5fRRV1CA8bwbREzQYhSmU1tgILMifMZOXkJ46VbSJUuxPGYePwrDyAstVda2QwjWGQ3u5K7XWMZLbbqIcgojUcVkttxVc_Ptovk92R3XnIlYChS6CKKp217OTIijOrWenFWWqs0cnU4k9lfpT4JGQTfgtff-IfJCzwf3q0iuFZPjBmY4fkYWuCqaXGPRUsxA-R4EQzEqZ-kAfhMhb4b_-qZq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  246. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  247. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  248. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=-XBcuEPaPCtv6wkvBLjhAcJ3HY4iiammqXqRVTzxmNdeW8M6IBhsMNbbiXpKUhWDZaKfCPhNLOUvmbJXZQn8ioJkbY44EqhiQ9JRJIbyd7p8gqY11B-OIfuWjFuhDBddtVnvLmeWRzjuHSdbGKIQ7zUPHvcjqD64H5Axnlg7vX5jetCuvviVGTj3vT717e1q7EfVpHbVwaNaY439IduSOW--bsiy3rHhM5ZvHNjpEugRHENtMYEEs66-fqEj7epwwj1soC3DPMUXUWkVCzbCMaRQ9fiV1MqsCEjC1bhQFOgMc17rPOGbSgbTDxJ7RLNwufHP8SYFN87Tvyn8th1t4RYfmuWljs43TfypPtWo1y6I0yrzGhdTzDNbOdBgGJAheupQAcATMDVn9YWckKKiPVUnc1OV3NkfmiwzigtfcHG9aJOHyerq4FLGPVHoERFDrX8YebcnegfYXyTjidjEOuwD7lpEAoSNXauE94xIDghBEc8palYxxm_kgl7pWul-8eh6e5d3zm6NieaEsZvwuB9eBLo2ZUAPj3-4mr0RzmhkLG3qYyQLTYAoKC8EW3IrVmsShuLrF2Lr6-1SumQ89tfHqNeaZhFsj7VrhiA_OENAMwBrubRVpltALNYPISQIFqXuZoEmpkt_RkiXKrlm0ooUa8Tcez73sZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  249. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  250. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  251. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=UNrVG2TE_TvFnFj69zyf4vlD8IOf_JbZOtL1IteBUYblljxQnzXml8axbofnN7W9R4ga9lJ5JVmnrhTNHHLK8C98bkKGQeLK0qcXHt6Ozc4_MrhveIdTwiwktGVfHV_3XLTX0XM0yHFde8D_R7UxMWDD5lf1SndfTx8rK9UCnRUzbrqYkS7Lprdgv9YHIEOFr69lM8iQFvZ9Q2FJD7dtm4hl9_tlU4Z1_RlXrfWaGeKouxERcXeaJ___fertvPdihPUSy76IqvRXsRTzOkP8N5aiihEWqLGSkq6THfcyA9Ahsm-i-oypiM8iBeCnRDNCT93WRL91OxNr8vldiNmPh1pit3L89ov7d5C9RXe1ufu6k4FYJ2TvDTH6xjV692cPWPYYpo-P-5sNkc9jByYzBqW0WAK_L56DZpk0b-ogRhJbDQ-KowCenM4hHloBm7t93ZrGIfcSB_93RMBo6U0g953WqBF1cGG0bV2SV62QrDXHKJkDhoGNc4EeblHkDAyPfQn4lh7ZbEDbBau4wKL5JOo7cfKJMiyZmlPuXBKBcRa1LKr7V-tEH3BB9FifZMCXW7m5PLIlbV9BmBHZvhjwZiyF0YxjsWOAoAuJ4rvy3IP9pOqSXsawie5BZYu1j31qinEY73UmsU9I9mbvVURjemT9TxQ4yH2pc1vk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  252. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  253. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  254. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=_WylKkOWFgzkfcRUgZfyjUobECEFTNYtU2OhZPYqh9GphHH_pDqpqzghku0Wo49zaeT87YyRck-n-Fzu0zDmN6PGWGcXs6zp8vr2DqL-lLlAr5q6jW_TRFYGzLQToofhCtFPdDkikFJGscKJWwKTT8ompBrEN2T9vZx4IYozwxNi2wjasi3EOABc2F_rIP2OXWwSHhJ6UjRvDRqEvgwDuKPnr0Tl3BAFR4vdwzzN8wyjcPjQPFaiEuvFhHswFjXA4nuf17upzuHvPtfvZfv86JRblYWrWNbXpmE-xfi_k8756JEQhDwd2kA-0uazes1fzTbjs5fiWPtz7r5-hNOGnNCpWLUnk3zn2n05gV5jDnOdXCsbt3OEYCigf9ZiV2lJ68iIMUH0I75Z6W5DeLpoRzae2BzG5cL624duyHBjUNX71vsuCpzIedZMCbnTDQC9wVCO6lb_wx7amnJrMx-OXZI_BNyBUpft3yOXEIGAQKYdoxbLZsUTknTRbrCtpOwZQ93-OEVKE1CFbJqjT-wwy7ZduhVH2_KjbenW-OwjD48d5CgGkbYzHrLUmLaaikZCqXzWUkA1GAHif7BvwjUvpJQ1fweZpb4026hSkA8J6cJGBJ41RF-KQX1Lcr13QPffNVFdraw-Aj0adf_erd2xX2l3Q2xH8fO3rgt7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  255. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  256. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  257. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=EXFonJz3S3q5R9C03A2D7dyV6K-f8FKyfjqdYIEiGgyvAir7x-8gXBmxaML-FGoBb6I5KiamFPHOEg81ITq90wTmeiTDKZDKCHhyefZ6cYLTM0m4lFe55n_dOOp-lNAIJhXIXOx17TCnGN__kptkiUHSlX8opGf3xMOtJTO4ZrghWMPgClLxuVj7hHb7R0Y-UBiA6QuDj_O9tRCGrkInH24W67WeVpBvMYKqH2KQWRS1j6LSUW5AITEWPVoqmxEJt4qCVQMIm9wVeUlXeWTq5icb_QVnCftBlPA5EDIU5nz4GcfQqm6PHeTQaVzgpfeEGNvrLVxsF4I8xprXd155q-b1DzLhMoEgZ6phYVIJtWzuCf89m0MW2pTtt8RwPysHPkqyw-PA-5IFLiPEnj_8ekgj6789s28M5W-YgZOmpqp1DSb95Yq84QCBDFlb0_JwsAZ-kOdwdun9AUGRBRzWATX9nyt6PwrhD4ipfK_wWVo-wHxj8HLvkdyDZ0slLeH00I2NW0RotcjT8UgUGmfSObZgzwPD8YWFjjXzu0gI8hP9RS4aEqPh2nePq6LrhIqeuSBACFQPnqXy7LCxyTGHfWGgzLGPuTynfqED6cLcNlHKTEZHBfGw5SwfU7QiSuIHzApxLYdRHq25vPYJ_1ja6xNJksxnm0zMorz_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  258. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  259. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  260. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=FD5-gHF0pYBzuxuyatb-HT1i8hyE1VABlAGynEvX3jTvPgeeDRYnauTeFRbjZuvMpMaZL1qvIOpRmBJCF3bKBJGdSIhoTKK1MCMHcaMqG5m9RsKzC9EJKvBF3ASFYnqkiNekZ9ZCQ6uQPMxfoRE14gi_1euSedp4uzBhBxNjryJerxLVsDQvJIaQ0V6czALt0cM-f-gwQGe3778Bqqq51-GVLLsR9s7coGCwwqPogjDu3T3Ocvb1H8IVTTmMXJ-da9HXW9MYviXTXvnMJREH_wp2_0zDGwKtVXhg5JiOVxuaZgBm_f4_VLOhBqLixrwGdChk9lnRMwXw4mLWa4axhmSp92QLI_PtJUEOIinv4dDG37OtSudfFmxjXRFINDjaVzCyqJANZb2P3WhfWOSePXs-mTFzt7HxYh0nxxRLJ0gZX3b5K6D5O8JwPAY8pjfpgzbTZJCx_cHqok3tVolEzkC1YeeZfh8bmGJ218zjk0d0yY6eM_kShm1U_nV-_MBquLr8loxglIiIwiGgtLySY7Ydn6y-T_NtW6ZCrj1S2f1sQqmZcuBJpr60JWKGtiYkT0-LkLCHkilHRE-EbweMHvXlueBU4m1H7m5ZXYI34kfFWPFmuiBZ0CgJ4cT83_GMcD9X2Alg61bBxzz2-0dubwazGtEenKv-MDDK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  261. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  262. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  263. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=M75vBGZ1LPE_h8R3P-Kd-gCid_2q1cWy5DsHfDRo3py9n_TkGb5ELwb1pQMSFa9DpqgYyPDhcvjS83o0iQxaNROJMFqI9CVx78UW0W1HssIzAvWYuPs-SM4rM5lmtQm4VUtAlb85YWn4fqq26oyqVa1q5HrAnJSpSFh66xzDfHA06ogyH2jnA5xPJfaK5f34ojLKxGVAq_0-N9OWX8P8-C846U4S-_hbpcVI8r-v0t4HOHOEeuunarrD7x6C6XB9Q2BgLYi5TA2i0HWFpJWr2dddSEOIDe3KhcfPapLAlmP7aZ7oyPA7FxAv2qzgxLRELCODxYrB48XJBypwmV-38XJC6pd_4HCLc_m3jdP6ykRJxsjY35CcO-c4HPIV62xWpTKCRvq5sQTY8dq6CophpSiaSPoUZtZQ0d2pIzKhCIloSPx_o1pPElGbLFXMBZH8-Z8uI9VERWMgLELPjDfjpS1L2o2y2HxCqZCG6Zyg4r1W84Tv4hgy7SbOVgtr2qy32OI5f0XBUg47LTLdRL2iO97TLDjSMj-s6GkofrK8agYj3QRH27DI-SGLFIlDGBBHgULTpvH9SYGGm086qP1bZN9tBi50zu3mujmXkjBYiZvVT0KjtgDEyKikPahxMxShsCUn6SP8xeiv2yrRxONxdpvNERwzZOdoVZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  264. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  265. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  266. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=zzXlSRTkcbFyfq3AYr41EGGe_WAqsML6e403QYAaj0dZIjjZeNyitpxu1ZLOsCcO2amvFc4RyPCxG8LFf1ilBDBFGMA6yT90D_AqBC0SmnTWP8MHTLln-vNWkdcuVh9NBzwoo35723OsZOIt7qivOzlYxGHfgo6oFV9hBzOv2Cetju44SewpmEgVywSudxogjXIH9XsnEL3eDC7yQJU-lKBSWToAQDiJ3g7DjSwxUODvzU2BP58mWTDj-hVK1KkKgmTV1ODi83xn7wbfoOpaYUTJk_tA4A3bzxX5z6A0zGE5wI3uBeNw7ehqTsa_OznsG3iVdaTOXaH8sxOehGGsL1Swe-dVpUhfoGoBTuhXzJTzAofN8jA8Dx5Uy9ZmJLDYaQAb_XoygE3wLBo7r8caXtMatrCVcIOr6waPRjokF_GGM6N3trtEToW71fLyxPXLGNHiZCMzRkAdYJmC41UWC4WYdGyZ65KIG0uzRR-t5lM--dDVGh3cAXFPK5E7JgNcCqYA7-servZQ4QPi7GUNMsgMcg_N7V31RwPIGdRmJ3DyuPsi9n66PVRj70LySE6Ylz2x9g7WW25AX2XeM7H2QOg4K-4lSi856E5Nyt-k0y1ahgI8l0aX6Rth12F0NsUOm1Z6s4dPWfJN1vtpVs3PvivIHVIpjTCtjW1g&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  267. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  268. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  269. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=Z7iGrs--gYFwjv-KVqFRum5ZV8y_M06fQFIDk0WM_hFDvBxwJYcKd3V2nSQv4eWTzoMcnkXFOb9NQjdqVQ1kDdzSSqlXI14ovOvaJHSUinxcWTM9zlhAJ91Pcl8qzqNAEn3Q_dFY-1o8ncvldALhclF8Fp4Uvv5DBFKbdQke0ysICrsqeMzYe_sZkIuTi6KaklPa9Q5kLtEXAeWHyuKM_eZr2NrPhB9hdyihNMnHNWoGFgdmBGVICtHFpg-IK1X57n5zN4ilU9LODazdlWaN6aSjMq-IkwfwyeHKqvlYvSVa1OxVaX1NHpf8laDI2xSxGdBYZXld9khEuiDnZ8hPaDlg9FK6B4mge2tpOPPtMLuyDwLxh2JEBQ7z8aFKtaT-aLp3JVXCCkydePIGOGgR28yxMveVziuQ-6QfBRn8CUAImB3B7NoTWbSZwPTgsDiT_3fJDNErgEA3xc0Qvk6noC0tDf2mWvRiggWwcmMPEctV1PhuHYJ4bf96ZCu4AAl7n_XDY1G7mxkzRbGHEdBlSR9BYLl4JW_dd8DYth-95I1mIe7B8hU_mNtS6iqdfU-qOlBdBRwLxEFp6Hwljf5Ly5tgO7Y4SZLPvXwCAA4VEhnJ4rx57cPGSr43qM0TYc_rN_-mNDUKC6KDIrX7L7hqF47AAVzMG6RlZT2p&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  270. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  271. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  272. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=vRid7X8PIAD3jjxFPDbZGbUKTE__yN1b7HfVrzKi-ngCSG7Z6wetN7lJv6akNjg3H9OIBmioeg5XMZqfCMg_YtWW1VfNh2cWSQ_xdooTX2V5yEUYxdGLzWzZZa0AP4sH5rfUQvTftTveA4cv5T7jztVaMnmyaP-kBR51j0eweSpdc2h5dnE5Dr42hjVcB3NGRGXdeMGTjIWPh96saFZv1wwp4XYbbJj6ka4zKqf0PEZRuPIpJK404Vb0CKlSlFNbd8Epm_Nu9RJHrN_DCGcL7D7DKPt0StKvJOsoXs5sLbmNI0NjJT2uDz73B6hZ_bOk3cvTPkCoJAyquHEYQyARwuaSigtYezb_xnFanP2IwVSGzfl9i6k9rbj6HkoJktpqpViH-8pRoRDzcTbX4A_7mRWnqo1XvI889-CEiGL49xQziNz65AqbTTPkdb_Q33CONnS7up7rDQAMkQEFzUPKoMUZ_Z4ru1zh-L3iGoiYhf1YoE-05gbB28GQji5TT6CJtJ5INgN1kZHnw8kWcwNepZ3X4RmLW3cGktAIJQws2j-VNPTYt0_TtFbc3LvvjXWu4e3SM5ZfsHmmgL0DA-dlJsdGJOLB-tR0zMiYAj2l-wEWYv5Du1r_h8gunY1atOEExhD39Oi6EKha93tOki-UfTYgiwJ-fj6Lz8im&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  273. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  274. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  363. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  364. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  365. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=fHYRpsxuz2GJEIsiyGIjreBtyRwktBybTAetrbdjSXgLRGLtZsUf5ETw6Lr-UsQhnsWw_smTwKzpDsBTqPaFTC0jb50q95o9lfXvYZkj2wYQpXsNepI6TDr7b0Xeo2ZvCXj-d37LycChA_WM8qxxpKAFNTi4nqJ1cSDtKKPxU77SeTLD4JC4PQh_6DNPRhE0UDjZ_imOMvp84uNTtBxrEFoPrg5N54IShwjNjm3Ycvhzg6dyo8wXmUNZeaJnV5yb2klRa3CgaylanG2s5gWjXzfyrLV-rzelfYlzhpZZJFeY9R2XxR6tYCpJkWbjcBABb6UiecOIr5FSdFjpuBpyzMq6zzjdv8K8ERiPv27rRBxDWGP4UvoMklr2vSUcZPaVEz79YzKiwD_69MuUddc6ZdyZmJZo4K0_ouLQderlJGlzYjWAY5D3rm219lUFIu5BxWksApzRxUfjY17Ey3iNrwAdYSSACtds7ddpB4qRsKOG_2EzV0lk9ifVHYS6xuZfHqgqJUiUGojZs9xfGkn_OCDEkVkpzabn-wY7OfZ-a25eGMjHbzv6KgAsDHA1h_Jli2_ADeWrxlGD_vqXEfXnrZXiVHm-J_iSRgHPP6sCfR_Uwm0C_jawCTlR-QW22jROVwvT8OryZ0T9g_oAY5Y_Pf546vbJA6Dvx1ms&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  366. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  367. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  368. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=o3eEMY5QlaPs9MxWXBq_bwj5dxekOj0V0aTsd5rLYLLk7rlWTTjWTcK52nHf1GoM3zLjt51ohKhd-MPJfkTaP52k_KOftRwlBbEorcY6tR68PqSC7Zx3_HMPJml7eZX-9rzxI09MueuXzhnOLt-b_YflvMZQlFGRqwyY7r2oJiff2Ytqn4zT3KBvqSSj_A_fdwIXIomOF--KZ7bDtYEqCfVmkLZpA0BIYColGKmfBe27Q23I-ZUoHw-6t_lpl5ctm52vnVUFimhB4y9lieOxzSk39zJmDMUIpoqP6DUVGH_mtNaLQwIOKWjFZgZNLvke2e6lugJY-PosdxXjmB3B5kfMfCXhtq4WJBDyPbsepdyTEtLjylmGS06E3dvwpvSLZ3ZC9VuPhKxS0LeFh163D3fqmHwZjItbLyetksXlHLxrrzWf24xRr8SK8DrAVeGPJnJ_6xZE1h9Cak8HbCJF2HlQX8KnElQg0vUgGh4Jce2pvrkPlB3PSt7l5EMcqOrvVqAyYslJ-ebgwXi4wYmuNkme4q6NAS0QrKhIlg_cCl4jdL3J4QDb2kpOfjapU8zZ6g4GWuB_rsTkQnWBqpwhdr6FMCAejGCNjQCNsPPU5zAec2Ql-kTbRcvrUsyT9TJQ3jXaB2kvGZx-uTNyW4w3jZsKa8LsHAengwv3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  369. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  370. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  371. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=93EfXJrNjFDMV-ond7-W_xM9x8s2snkBIJXMilKuo3Rk0iDNsxT0cEU631C204MsGdnMOBZ3BRitnscyYzVWpCvinexOZtshmWQLAf5bns7uWduZdJH-IXgQnOIRXsR5DKxX9mzZBGR6gjtCn3U-JlM7Em62oWZZgtY6TbbRgjD_cA40ShWi-d686d8OzumAuT3rrbrjUUFvX9BpVNW8kqVjGxWDb8OTdzq9vH3oTAls8JKTCgAExjIY7iWf5Mbs_mMyl95giZxawZuQXu1NyopKsyvDslxyZg3rzv9C87sNH2XwkGkj5ShBmXEz6sPG-XIyZWNPrNAYX9OtQZqWxHzqaVlmgEd0QAr9NyjbozbkYl2EM73i-197Bgm_3KZrnBLgMYvoVCMTrlW9hmQZZ-q_DwBxu3t-urS7rMSwr2TrJZpRijzT7861d7yBWwsuJ6i2_g-0R-3kHssWze0V6y3_dipL9h0LGxp5D-L1541hqVyB3TFNR13qhEh6ELrtx94aDcqP_rbIIxJOxnscZ3SKzE6CI89ZfLXIdeNqLHtFslQQghlDNnEef_cZsey73Qor38l51cNcZVZTzHJbES17q9u4LBhcD6qG9LfDV14Ev1FgF6F4Nw0K-wQGPYq_JVP4IxRSwsqSc4-R7k0CmBPeNvJIzlhiZb4v&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  372. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  373. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  374. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=5I5knLYFLxkGVr4iBAuTnViOuB1yOntin56OwH99LDMEQM-sFMQ9nCQwhP4C0TbCHLFdmf3COzuoTFAKUQsK5PmWFVhewPeiUUkHYDTpiQh7CG5LRSWmcEt58AGcYxovjcWFxNqVO2WSpQ8Z1aH5ZHvwoIv9Y9P7xxA4RwOcaob5vZxMhb-7WIu7NcvWvYl6U8CG-JC8aHf1IsSB_Rj-N0ES2gqRh4hSP9Fxosp7W-VwH9lfVquzS-yfQnzM2CPtwFirUkotGundu_Sds2HBUDRwqOK7GhkYJ3qfVwO_9mJxOz3JwDR12wmeYKeHqm7R2kd3nv3rn9vvoq8v2xxWOORfX1DG8KdR7wTaH0vY96ayqJ6IjfMNIY0ojw2faFkrTg2eZTWrhtGdsrhRruvkMKOGTnfa0DkqcZyMp7dflyRx4lrFVdXHlZFfDruaVJzO5RdkWc-qNsmIMBz4Pc18yPVHeXcNrSGhEu38BLpGY4TIFFwrcxOs5Dsvq_2XeHwD3pLJmMq8EaPki1ME_BG2nL2pZgH5l_7iOI2ZOF4Q7S0UxEGnXIY7I02NK0NXD1YBshTxuTHTd336lQR4fuojO8NDVg9QjsDfLDNSPIGCoifyXgK6_4yXo0k3qXvfqNa526uju6Wo8cobPuCaKsweB_4B7i3Kj94UI_6_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  375. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  376. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  377. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=WXm3XNZwBrxqdo6SrcY7mik4wmGKyEsvOdCV63pBJccFrAw1Ryu-PXd5FM1Ko2mKzA01lqXZUCZFyzU1RoD24LX9VxEWlWFPKQPqm6mT1xPRiHAAZDWucUK_I8a1zkJfoeIqqD1Gl74JV2Tl2LS2Rarxoiu_G6x3WpTJOntsW8ksmQBnYa3AT4K8QpYzxL8MkSPiVmAwZ9gTInUL4sG4xQysRHk8pdQuNZWLYJBqz7nQexODB80LJkqzNKSq1kys3_xX6kf0dagQ1yxDgXefOWvOYNfxODPGQPdV7jLoYDuNB-gwcqb04aJHWne7xtnRKINujQM5EYCHTrHQgjiCuOiiO8wZFRRdrR5ZlvXUOkLz5VpBvlNvd37BpUnvUbvtSBNDhk8LTMvfe9FUbhMpqAUrOLlJToObac9L3_XzYga2YYdpKNODNSi_mTn_v5ZA--mlXMVyqQ6YbFS3xloS3FHP88ymauEAyuU9pZuKU3UvCdxFlwwx3jQ41dLEHQ7JjYFtUyPurAQEM5XYiHV6FkcobJmp_qr_3rF4W45cqViy0wOfC81qyibG02eBiiWMvDWRsWgoDvO-JwT7sbNRBZihO5Ghly1jcxt6OexCr1Rz0on5vh91xhOPem8c6KBBMsjI0_OYFSK8aEHFQ7jLQ66C8Y3-iduODiwA&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  378. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  379. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  380. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=GsX1LPqwx8OF08t1UBH0PWLzfNNCkhzi8hqD-4mFRNpCa-IzuLEJVVx6hEYWdQltTQegVnRc274y2SC6IYRP0miXJc_NeVN7_l8gOkm8zBAaOLfKtFFRpZdYxeUVzskFpQgkt_v_l3VKGOpziQ4BAFGeQnd9Mufnf7eYWwX5cGDVeZCnsU0SvIvh3FaoSjE5mxhUa0zpcjB1bGPwFbsWeSEZJ447ABmm82_HfuGn6j1DRcHy4DeJ-AJMSAo-VHIHJrpWWBuN_-M2G1ehG9lOZZ44zatmqbLF9RNVTfMtiVlBp9ww10mJWm_KVWGk0bp8aqB064XsnUS77WBHv6U-StMofwHe4JEEc9zA6NoaL6w-AoZ-ewZoL3cOMHkCVpqUfXB-bHo9rdAFLiByfiOG0u77_j7yaKCW-Y1FSOLhStchnEHZuD6vFtD8Dd2JEOcA3Umc89x-DheWq8cgzxG4P1nkQiyKjJqF4Nw7FjfzExJdDgluVxWgcIy6XTYXDOv0c4LKtqsrDXc20qvXCDVpI8K7Nt3k5iDF5pa1wQIHt8FAUZB0ibbWeCTK0dO9lvGXNU31ju15G7mvYB1a99pfolA3vrxTFsikukhF2nuvfo8wYtpLzzo9apl2PBovH-6ev9buTFAO-m7xSzrYehJo1lDTnnbNbK8O0Ux1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  381. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  382. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  383. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=1jmRBcXGjq9vSR3SExKpEvuLBA2Id8sfC4u4g0wnDNEgYmdrhf1HNqVlmBRwQHPxvhE6OWMwF0CRrMvtfBYZJHW5HDDJFV4G1kAbWWkHFbOHP5i1bi3sU0loRa_YFogDSvQcNyju5n4r7m9x4LGr3-OXyJP4rNGuOBw2GZ4VqZ-aW3eOQFMV3t1CDcHEfqsMjPZ8HV7rslJfVQagShTWmqD4d1UzYqh3cckG7gYjgDtupHAFEBbax8G_KjkYFd_TnxxcFB4rNCEuEFXUT2qBSi6rqwZpBsTOQvDHPjqoadVGOM-4c4Pq3yss9bqPOmytOX90YL0owe6eCKk6bkeHd_Q74Qt9GpS7Fust5SGLRFrCmTuJM7AI7LCyGtcOew09G9A3dIazGk6s2VOLdZ17KNfKdkzEoIwdgAJP1_7VS_-X_KRHjJuk7gsMA7D-QH7HqZcaMPxRnBuemVObEqAYZK3nvmmVZqf9Z6UlJZ-rRfzzPdyOMKQ5KOsgNAg5Opnc_KpM3xmicfv44YhPLhdmMYQsE0n0qpd12hnL3Oo26bUoNOs6EEoPOyppzy5kwQr6GXJYnKSRDBsGoZoRe797MWNl1cSoazuA9orsKR3rVkB_DPn8T2yaad6C4KjYHjD4BQ4eHhuT6ZZgFCXAxPX_uYpHW3Wo937k0xs9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  384. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  385. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  386. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=Hp35ZqycdmGKJX53Gu0RnmWWIFQ44iDhljplIFRSfmeEeN_Dr4jKXc7n_4mi5AJgz6izp6yjyVwJ2ppFQJwNYEDH8RTgNUaYLzXj686nYlXRKfctj3QMRp1Rt1di6ZHv8oxh0i3aJBCJIXaRFlVHsfhvQOSpcoRr5TTvnrjrDUuEEYU9rciHXVA1XzykifV6C0yga7Ek4eFekDjHn-g273xK-yhOBEQztLusP2giLt6djr3wmxkXOxnRg_RTQB4TpCezghL96hP7NMEby0gaqA4A9W0gDrt-k-3xRi7fqHeg6-acjqIKrh8PkqLsvoIJfBjFxlKAieq72tJsOLw5o9uvXcyKDqi9dztQJKzgZ8U6lYsuXcu0WgF1Ub0u6c2KPQe9Q3VfYviN3nEK83CBUv7TJdHao4IlxxM5ftk3rRZ-kRsYhr44XfWXyIwV3o_9xdJCHaBj3YtBoZ5d2Gj0HNTuB5mwld1PziKNNpoX39W0epBq2zaF5qtg2JzIXOqlJdU7L4PMARqiAS9q8j7PwSiJKmoDZC7RLZ7FEfWfEXLl1Kb1GNxoThubaJ_tumY_jdOB-bDKfHLzTjiB38O3w3C6Csee--vZgNfNXnv89C8-7RbZ27eyXnYbzp0KADhHJlgxTPCRyenlTAW8iGBuQjF5vj47bWOQRkOH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  387. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  388. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  389. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=krSLzhBNDY99HjhnpQMu-aALz2EqFJGk65HN1amuw-zf_QCVGa3MWHzWyhAgUuX2Dra24QN_0tQHKdVyuppOvA-r31y2f4D6Uppj5V4defMWqcJ1BUFxjJniltG0cGvMW_cHFBP6Nod-7Nv_IQ8TiyeAleO2JaGWxgoNhso0Sm22ZsptMayNe_sHiJ0x0t22l-CBVG_ZZ5yix-d1nK2HgDzw6fDilxXyqpA4iVf5VyB-Q7l4OfwivkFNJVCSkDt7ni9Nml-EsDBT1Pp0515UEB-NkbeRGCOcXKSSYdixAk8wJzFOzrBmHSTqAHel9mQyhGJKiC09cBy5KGPWU_1gxFXXzdIYn07BHnMiYARMS_BbMx37CnmtcBouXlup5fapRVpFMUpAMfkuOePO9VJspTAjTcaxSGbqZSTIoFJd2dLh2LtKUvDTmqe4p7eu3zmkleVZTja8IgmhWdUZmar5C-dJD8RkeYkkgChcuqcgRmVetogP--_tvqDA1Xvum9-fVLSCMMG4IZ0uQ9y6SPhlYSs3s8I53sHYRpjqV-FOCIq7Nu1zECjHmNIg3G-CUzeFq-p0NVPfa-F6ITAZ3hjOwnRvEyaI6xo5FESvN-oLqEnlmeYbY1YMcclJ5IPTHSVo0KuWQ-GI5eFfkywMObp-J455nWfRqxy68rYf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  390. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  391. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL
  392. https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=gw80njn0DmKzqxGKvA15HY0Fi5EMzaG6OXw7St-vX7ASkgEiypUJTcKHFby5peMNXPTiwbLNpQ6uCFSTnde1hUQRu4vf1kOFSx3PpGjcXseyLkiRWuRs4N-fzSZqaHnAZh8g8ox6ZQiNyHTzFO_MyGkwFRzwsihUMI7DUnwknTlikrX8vKlZeGnNpsoPGVrFNVFWghWkPptmPhpk94IF4TGyoy5u-iBLbc4Sb-vqZp9aXHPx8B6DHW0F77bJKhq_UqC_2zrRQVQgeWFwuB5b8P50O8cS-UzjUhsrC9TTUaYK_tEe5572voCC75LdttZ3ho6ojoPB8EIWNYc11afJWphBI9uSliFxPYf8_Au69sk_RGF9HtMG7nFq8DBw-4H0k7j46bDwbox2E5udqdPszfdB69dCaPbt4OvJs6r8dcRgb_wWwSJ0qooWzOJO0b3VdGlbMQfA0cQLGnp6MHg4Ljd_yauhU4AnRHzezBsq7pzXeuf5of2QW6W8dPd3muvRKS8b2zZLgVEWWAzO0N350INbFcHFUM3AAj47acz1vShqwIIo6SrnW8l5IWkqCeKWUIQwNWqEMCyCuivppnnyuekBFWUlPB9QY1SbtHLpKjSJM5B0c0M9zP9Iy9Fxbev64ffEtQwPHBBeBXC4S8wUVc_xWKJQcp1x0Q0J&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  393. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL
  394. https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1575 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1861460
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5cc1c31351907cc796331779c86e248e8ba6860ad856b258426d5bd257743291

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1861460
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:22 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
UID=2109121405b018471e72904644980c67d2a5; Path=/; SameSite=None; Expires=Mon, 12 Sep 2022 19:05:22 GMT; HttpOnly; Secure
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1861460
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:22 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1861460&pb=7e88f2723a137b6865e846719f3656e41631480722&psp=St0j-6SWXk6oo2TQoQ3lxlly87kJU8LFAQD4QV-B0x6bBPaAo17WWapTzGUO8HGI-YA07NXS13zPHm1vkDt8VE5e1QPZdOb3N2ygOyxUOi6fviUq0zepwYeAvuwfxa79loRb46MdaXVuTHHjwBukeg1AcyILCjGRM8FI8x_aS4HfqaMNjDXekyK7LI8kO4fGRY1-FtruVMoBN65DcS7e9_q_jDZp302hD-N7mkyUDximYJAIf0Ja6hulUy-hCYyogqUlyBakIU4XAJjXaw07jqYwEI-Xav4t_VvV2eecSY5zczeF9851rrGx3tdTGdYM5qL8lP37FawyFWMyTLvnJ4ADhna9Sd9zP2CpQEt31bVRoLhZ7fRn5U-Ec89GFfI2ZCcl5NMxCqAfjxh1Iym00ukURi1Yied4wnl_F23SC7c_oYUbVKlIJhOKgEn0390ULFrDz86OLNnq0bJF0R0I6WDJuCwuvydE0lfRTVPhPRQN-6VzudRDrYWHwM6_uV8Iq1uDdRxzE-b-JuLuPSvJV5p8a9GZn1nc4H0j4-QNtNH24Pmeg9HMINKyQFVmS8C_9AMd2k3_rNG6vPOh1yYhd7yeSNHVUaleCcW3gxXpypib8AdXkiXtS6b0Y6F1C3mj9xPLGwYCjVyypWxIKlAha-_qQIBo47N3L2rs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d4252a5fbdf9176f5828ec8096ada045a0465a18f2cb9835b7f3c8957ebed910

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1861460&pb=7e88f2723a137b6865e846719f3656e41631480722&psp=St0j-6SWXk6oo2TQoQ3lxlly87kJU8LFAQD4QV-B0x6bBPaAo17WWapTzGUO8HGI-YA07NXS13zPHm1vkDt8VE5e1QPZdOb3N2ygOyxUOi6fviUq0zepwYeAvuwfxa79loRb46MdaXVuTHHjwBukeg1AcyILCjGRM8FI8x_aS4HfqaMNjDXekyK7LI8kO4fGRY1-FtruVMoBN65DcS7e9_q_jDZp302hD-N7mkyUDximYJAIf0Ja6hulUy-hCYyogqUlyBakIU4XAJjXaw07jqYwEI-Xav4t_VvV2eecSY5zczeF9851rrGx3tdTGdYM5qL8lP37FawyFWMyTLvnJ4ADhna9Sd9zP2CpQEt31bVRoLhZ7fRn5U-Ec89GFfI2ZCcl5NMxCqAfjxh1Iym00ukURi1Yied4wnl_F23SC7c_oYUbVKlIJhOKgEn0390ULFrDz86OLNnq0bJF0R0I6WDJuCwuvydE0lfRTVPhPRQN-6VzudRDrYWHwM6_uV8Iq1uDdRxzE-b-JuLuPSvJV5p8a9GZn1nc4H0j4-QNtNH24Pmeg9HMINKyQFVmS8C_9AMd2k3_rNG6vPOh1yYhd7yeSNHVUaleCcW3gxXpypib8AdXkiXtS6b0Y6F1C3mj9xPLGwYCjVyypWxIKlAha-_qQIBo47N3L2rs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:22 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAB; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:22 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAB; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:22 GMT; Secure
ppucnt=1; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:22 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1861460&pb=7e88f2723a137b6865e846719f3656e41631480722&psp=St0j-6SWXk6oo2TQoQ3lxlly87kJU8LFAQD4QV-B0x6bBPaAo17WWapTzGUO8HGI-YA07NXS13zPHm1vkDt8VE5e1QPZdOb3N2ygOyxUOi6fviUq0zepwYeAvuwfxa79loRb46MdaXVuTHHjwBukeg1AcyILCjGRM8FI8x_aS4HfqaMNjDXekyK7LI8kO4fGRY1-FtruVMoBN65DcS7e9_q_jDZp302hD-N7mkyUDximYJAIf0Ja6hulUy-hCYyogqUlyBakIU4XAJjXaw07jqYwEI-Xav4t_VvV2eecSY5zczeF9851rrGx3tdTGdYM5qL8lP37FawyFWMyTLvnJ4ADhna9Sd9zP2CpQEt31bVRoLhZ7fRn5U-Ec89GFfI2ZCcl5NMxCqAfjxh1Iym00ukURi1Yied4wnl_F23SC7c_oYUbVKlIJhOKgEn0390ULFrDz86OLNnq0bJF0R0I6WDJuCwuvydE0lfRTVPhPRQN-6VzudRDrYWHwM6_uV8Iq1uDdRxzE-b-JuLuPSvJV5p8a9GZn1nc4H0j4-QNtNH24Pmeg9HMINKyQFVmS8C_9AMd2k3_rNG6vPOh1yYhd7yeSNHVUaleCcW3gxXpypib8AdXkiXtS6b0Y6F1C3mj9xPLGwYCjVyypWxIKlAha-_qQIBo47N3L2rs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:28 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:28 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140587f26148f9d242df897ebb82a1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3d6ef99a34db0d334cab2155e51fef4e0805350f9a50ecb66413479f3d3c865c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAB; OXPCLK=AAHg4AAAAAAAAAAB; ppucnt=1

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAB; OXPCLK=AAHg4AAAAAAAAAAB; ppucnt=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=Z23XRvEWnk_5_bkuikFZF36qxodSGJQko2FOVadEbsdQf3WAJLkyGqfQPaDJVbfwMdUvq0bZqldfHtyCGfXorU86_h0ThjD-WozJekCA2f9w4KhmFJ6oGT2Cubxk_0B0z9oZYOXj568bkTwEFdeq9GlYDAiqv438M2MayIfSfwAOdgHKMRkeq-ZWpclAPKZ6zDC7OvDPLrADe1BtTTGgOGthH5BrOZzE49RECinHQjZWF_SbPN6ZfNS2W7w0w7j59OfJPb05_qNKFJQOPFUFfUf89G5pk37Ccaq6MWMNHvoFOGwya_fL_k8osPUl8iwnywagw_WeU2jnGR11z4T7NRhzmnx9MUIZTcNx1EyHG-N1FQ8SCG-K4UsbEmgFp_H27x3jLlVKcc5tYXy5qiW4RgNUJBNMSfZGMhO-aTcsTa7cGUjQ91pA752E5a2NZGmFz7Bptvj9r4sRNiKtc0LgvGgo_Tzc8WmV1xXmvYNPCHspoxMZoLF562q9QJ0mD8t37RJ7NeW_OZMZXYptF6uqrncY3I3wNCMM2SSKLOiImuJ9msZvNboWxXwkQevWXdmDWvWN27bpzK8BeW7JgElroTEGDF_wB0rk0gVeAJ0prBsIBaiHAx97ADUEYQ8QoQ9VTdaB4lYlhYSmmv4oFTtN_xMwccewDahEUmbM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
84e8efffc562bdd26785536ce59061a3966dabfffb07b6c3b68d7b2092aa9fc4

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=Z23XRvEWnk_5_bkuikFZF36qxodSGJQko2FOVadEbsdQf3WAJLkyGqfQPaDJVbfwMdUvq0bZqldfHtyCGfXorU86_h0ThjD-WozJekCA2f9w4KhmFJ6oGT2Cubxk_0B0z9oZYOXj568bkTwEFdeq9GlYDAiqv438M2MayIfSfwAOdgHKMRkeq-ZWpclAPKZ6zDC7OvDPLrADe1BtTTGgOGthH5BrOZzE49RECinHQjZWF_SbPN6ZfNS2W7w0w7j59OfJPb05_qNKFJQOPFUFfUf89G5pk37Ccaq6MWMNHvoFOGwya_fL_k8osPUl8iwnywagw_WeU2jnGR11z4T7NRhzmnx9MUIZTcNx1EyHG-N1FQ8SCG-K4UsbEmgFp_H27x3jLlVKcc5tYXy5qiW4RgNUJBNMSfZGMhO-aTcsTa7cGUjQ91pA752E5a2NZGmFz7Bptvj9r4sRNiKtc0LgvGgo_Tzc8WmV1xXmvYNPCHspoxMZoLF562q9QJ0mD8t37RJ7NeW_OZMZXYptF6uqrncY3I3wNCMM2SSKLOiImuJ9msZvNboWxXwkQevWXdmDWvWN27bpzK8BeW7JgElroTEGDF_wB0rk0gVeAJ0prBsIBaiHAx97ADUEYQ8QoQ9VTdaB4lYlhYSmmv4oFTtN_xMwccewDahEUmbM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAB; OXPCLK=AAHg4AAAAAAAAAAB; ppucnt=1

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAC; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAC; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
ppucnt=2; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=Z23XRvEWnk_5_bkuikFZF36qxodSGJQko2FOVadEbsdQf3WAJLkyGqfQPaDJVbfwMdUvq0bZqldfHtyCGfXorU86_h0ThjD-WozJekCA2f9w4KhmFJ6oGT2Cubxk_0B0z9oZYOXj568bkTwEFdeq9GlYDAiqv438M2MayIfSfwAOdgHKMRkeq-ZWpclAPKZ6zDC7OvDPLrADe1BtTTGgOGthH5BrOZzE49RECinHQjZWF_SbPN6ZfNS2W7w0w7j59OfJPb05_qNKFJQOPFUFfUf89G5pk37Ccaq6MWMNHvoFOGwya_fL_k8osPUl8iwnywagw_WeU2jnGR11z4T7NRhzmnx9MUIZTcNx1EyHG-N1FQ8SCG-K4UsbEmgFp_H27x3jLlVKcc5tYXy5qiW4RgNUJBNMSfZGMhO-aTcsTa7cGUjQ91pA752E5a2NZGmFz7Bptvj9r4sRNiKtc0LgvGgo_Tzc8WmV1xXmvYNPCHspoxMZoLF562q9QJ0mD8t37RJ7NeW_OZMZXYptF6uqrncY3I3wNCMM2SSKLOiImuJ9msZvNboWxXwkQevWXdmDWvWN27bpzK8BeW7JgElroTEGDF_wB0rk0gVeAJ0prBsIBaiHAx97ADUEYQ8QoQ9VTdaB4lYlhYSmmv4oFTtN_xMwccewDahEUmbM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056c6791a6402c4f77a8100b0cb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7e023537013ec1b351aca5f9486d1d1d330cef72da59c403acd057aec9cb165a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAC; OXPCLK=AAHg4AAAAAAAAAAC; ppucnt=2

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAC; OXPCLK=AAHg4AAAAAAAAAAC; ppucnt=2
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=dJdFX21yPnJ-d-Y3QLdZ7yq7bhbeeA5Jzg1E_U12GbplP219UdIG7G9oCf9W34YvXeACHAe6KSvqchvJyeOl2knLMFtLfchuivaZVlHmoWYYC-d-_svQvMwXvczeF5eFFSOCg1S0ft-83_xEkLoxEZXpNJdrf6_UDEC8PvfTd74Mp4PSIhLhSo9Dro4snQhOlQMN7cp9qkVKdUmZVrGWhOQRMYIWu8Dqao7cQXrMvJy85m-CvBTsXH8sjZn1ICHebT4KBFOQziSEPE2R7Eqtz3RtRHSZgKNSbvLKxeGYUnuDaQiOD1J1SFdOMd2-5TyrKK1hpLtRD6bhKUi8aIBea_aKYljX-42pSB_7-NoX9Sy969QQjtKaQ0MxWfreCiTtrDWoTCwZovz-ctKiWLOVpyJjL0NOOGgeQJ_gSwYDGunWHCobyYBpv9n3Q3TK-3RNRbJDmLz8kIvk4UsOt9Dpyn3mzmDFy3PGV1plFa522dWct1md5mOi9h9L12SAhdY2FUVGSJeEcQ-jW3MwZOthLXLCQ6TQwXmJLuQZTIdD-4UMOktvgjeCTK33W8u-b_DGSjp9Re-GID59d4wKzIAJt-m_SIdWUdl0KGBoNkI5GsiE4ucjRoKG3EtLVwpwpuPCZ0xqA9tRahf13Iw3KyA0-cBimXgcMQc7iFq2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b55934d2ecc9e7760227dac7c405d36540ca76d8cbf1a54c856cbe1bf5155e54

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=dJdFX21yPnJ-d-Y3QLdZ7yq7bhbeeA5Jzg1E_U12GbplP219UdIG7G9oCf9W34YvXeACHAe6KSvqchvJyeOl2knLMFtLfchuivaZVlHmoWYYC-d-_svQvMwXvczeF5eFFSOCg1S0ft-83_xEkLoxEZXpNJdrf6_UDEC8PvfTd74Mp4PSIhLhSo9Dro4snQhOlQMN7cp9qkVKdUmZVrGWhOQRMYIWu8Dqao7cQXrMvJy85m-CvBTsXH8sjZn1ICHebT4KBFOQziSEPE2R7Eqtz3RtRHSZgKNSbvLKxeGYUnuDaQiOD1J1SFdOMd2-5TyrKK1hpLtRD6bhKUi8aIBea_aKYljX-42pSB_7-NoX9Sy969QQjtKaQ0MxWfreCiTtrDWoTCwZovz-ctKiWLOVpyJjL0NOOGgeQJ_gSwYDGunWHCobyYBpv9n3Q3TK-3RNRbJDmLz8kIvk4UsOt9Dpyn3mzmDFy3PGV1plFa522dWct1md5mOi9h9L12SAhdY2FUVGSJeEcQ-jW3MwZOthLXLCQ6TQwXmJLuQZTIdD-4UMOktvgjeCTK33W8u-b_DGSjp9Re-GID59d4wKzIAJt-m_SIdWUdl0KGBoNkI5GsiE4ucjRoKG3EtLVwpwpuPCZ0xqA9tRahf13Iw3KyA0-cBimXgcMQc7iFq2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAC; OXPCLK=AAHg4AAAAAAAAAAC; ppucnt=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAD; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAD; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
ppucnt=3; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=dJdFX21yPnJ-d-Y3QLdZ7yq7bhbeeA5Jzg1E_U12GbplP219UdIG7G9oCf9W34YvXeACHAe6KSvqchvJyeOl2knLMFtLfchuivaZVlHmoWYYC-d-_svQvMwXvczeF5eFFSOCg1S0ft-83_xEkLoxEZXpNJdrf6_UDEC8PvfTd74Mp4PSIhLhSo9Dro4snQhOlQMN7cp9qkVKdUmZVrGWhOQRMYIWu8Dqao7cQXrMvJy85m-CvBTsXH8sjZn1ICHebT4KBFOQziSEPE2R7Eqtz3RtRHSZgKNSbvLKxeGYUnuDaQiOD1J1SFdOMd2-5TyrKK1hpLtRD6bhKUi8aIBea_aKYljX-42pSB_7-NoX9Sy969QQjtKaQ0MxWfreCiTtrDWoTCwZovz-ctKiWLOVpyJjL0NOOGgeQJ_gSwYDGunWHCobyYBpv9n3Q3TK-3RNRbJDmLz8kIvk4UsOt9Dpyn3mzmDFy3PGV1plFa522dWct1md5mOi9h9L12SAhdY2FUVGSJeEcQ-jW3MwZOthLXLCQ6TQwXmJLuQZTIdD-4UMOktvgjeCTK33W8u-b_DGSjp9Re-GID59d4wKzIAJt-m_SIdWUdl0KGBoNkI5GsiE4ucjRoKG3EtLVwpwpuPCZ0xqA9tRahf13Iw3KyA0-cBimXgcMQc7iFq2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405865329d21dee4464be9175bd48&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e388c914aa0e799eb5a6feaad762201d147aaad04a308a3bf24461b3b5941ea5

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAD; OXPCLK=AAHg4AAAAAAAAAAD; ppucnt=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAD; OXPCLK=AAHg4AAAAAAAAAAD; ppucnt=3
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=32udam92X21o97DddWYzg79QfMMRzRCkcDGSX2C4WNbXZeo4FXz3S5xZaZHACyvraVR53JlFqlR5JgsizoZZl09XQUoH89CiymF0SnfBYuWC1QCBIZGJuVlupGfcQeGdG8rSWtV25EO4_yphVlLXt4vM8IdiQxLbq21zmxiLFh-82cITkl5eSvot-W8uHASKEQ4E2O1j9rYejx3EyPvWMevovXp1dKviHNYA6K7d9Fdj3VNDf1ooxu6eoRj3TEzUWFSlMaMyeGkTZ28oYHVgp0h7O-Vs0aLcPEzNWJozFoDds_5ASa_NlGG7oVRtrOxJj3vawr27TjFSauIk32La8uQhNq6dkoO4i_KKN1YslCN_OT5DKUWU49QqtEgP5gm7lxsZT4Mnpw2HdPA8KFZTsOyYYtgQz6X4X0UYKepihtyo9267pwOUQsS8Xn8PelhuALovowJ_v1OPg1HXcDbOeUWAHSX5tQoJuh2PP_0m4ZA4-0TUF1iwwX_SpF_GA0-O8_076_DR5ZqpFjONahE6lci6QHPTKqnFObSd7aKBtL7XsVR13SdnMk6MZPhEr-4TstnPTUxSzoHjTmp6LU8pDpMAj0RM5Kjd31SqwC8oPxxfoAPGABtLKyLLOOWAdjK2rgHFJBi-TQJ4ZY0h2-Au-klyStmv6IU0eKJG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
26ef281da70c790324127e50d334f55de79ba95cdeefce620e887eec296960df

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=32udam92X21o97DddWYzg79QfMMRzRCkcDGSX2C4WNbXZeo4FXz3S5xZaZHACyvraVR53JlFqlR5JgsizoZZl09XQUoH89CiymF0SnfBYuWC1QCBIZGJuVlupGfcQeGdG8rSWtV25EO4_yphVlLXt4vM8IdiQxLbq21zmxiLFh-82cITkl5eSvot-W8uHASKEQ4E2O1j9rYejx3EyPvWMevovXp1dKviHNYA6K7d9Fdj3VNDf1ooxu6eoRj3TEzUWFSlMaMyeGkTZ28oYHVgp0h7O-Vs0aLcPEzNWJozFoDds_5ASa_NlGG7oVRtrOxJj3vawr27TjFSauIk32La8uQhNq6dkoO4i_KKN1YslCN_OT5DKUWU49QqtEgP5gm7lxsZT4Mnpw2HdPA8KFZTsOyYYtgQz6X4X0UYKepihtyo9267pwOUQsS8Xn8PelhuALovowJ_v1OPg1HXcDbOeUWAHSX5tQoJuh2PP_0m4ZA4-0TUF1iwwX_SpF_GA0-O8_076_DR5ZqpFjONahE6lci6QHPTKqnFObSd7aKBtL7XsVR13SdnMk6MZPhEr-4TstnPTUxSzoHjTmp6LU8pDpMAj0RM5Kjd31SqwC8oPxxfoAPGABtLKyLLOOWAdjK2rgHFJBi-TQJ4ZY0h2-Au-klyStmv6IU0eKJG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAD; OXPCLK=AAHg4AAAAAAAAAAD; ppucnt=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAE; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAE; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
ppucnt=4; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=32udam92X21o97DddWYzg79QfMMRzRCkcDGSX2C4WNbXZeo4FXz3S5xZaZHACyvraVR53JlFqlR5JgsizoZZl09XQUoH89CiymF0SnfBYuWC1QCBIZGJuVlupGfcQeGdG8rSWtV25EO4_yphVlLXt4vM8IdiQxLbq21zmxiLFh-82cITkl5eSvot-W8uHASKEQ4E2O1j9rYejx3EyPvWMevovXp1dKviHNYA6K7d9Fdj3VNDf1ooxu6eoRj3TEzUWFSlMaMyeGkTZ28oYHVgp0h7O-Vs0aLcPEzNWJozFoDds_5ASa_NlGG7oVRtrOxJj3vawr27TjFSauIk32La8uQhNq6dkoO4i_KKN1YslCN_OT5DKUWU49QqtEgP5gm7lxsZT4Mnpw2HdPA8KFZTsOyYYtgQz6X4X0UYKepihtyo9267pwOUQsS8Xn8PelhuALovowJ_v1OPg1HXcDbOeUWAHSX5tQoJuh2PP_0m4ZA4-0TUF1iwwX_SpF_GA0-O8_076_DR5ZqpFjONahE6lci6QHPTKqnFObSd7aKBtL7XsVR13SdnMk6MZPhEr-4TstnPTUxSzoHjTmp6LU8pDpMAj0RM5Kjd31SqwC8oPxxfoAPGABtLKyLLOOWAdjK2rgHFJBi-TQJ4ZY0h2-Au-klyStmv6IU0eKJG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054a460c1e47e44d7f91c81001a8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
00123a506d9cc5afedb2597aa553710fae86fcc965bd2cc669d2d26b4e0cd4fe

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAE; OXPCLK=AAHg4AAAAAAAAAAE; ppucnt=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAE; OXPCLK=AAHg4AAAAAAAAAAE; ppucnt=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=UBY-VRHhYg4Ml8cPJZaBiZdtkjP2Ss2WgU1BVkEQ1tKhvK-bQ9hBv2y1e0Tb8-M18NHHUjQNlNdUI4hALcWwmt8nM1squmyD2bzwfq-XX2SqjxBRy8E5b-F0isDmj_cC07xDetolAAhb_jqm1y0o9jzRsbTeM-JUaoCBbZ0Ou1El_EFqpzTB3S-8JY-5Zs5c_9BvK4_8C7VZLkMFyL8XUrqG_bo1psTkZfb4O6LFOW-vk28N5C2X7NAJs5g29B6w1F6-arE2Lb7S04pIOaHOQ3KB-vOrjNylvYpFYeDFeg7baS_6SnD-k1OLXIABSsyToMO0em_BtHt5HIkSAIz03lS3z_OI3R1-_XumDyFhl2wbCS_96CaPYT_IIu3zSZqihvFvkrW0LdN4zadeJRPu8N8Kq-r4R_N_-Np9N5nUgJGerGGFW30Wxwk6neKXZzntwpK9BR_iOPR-OKTNlLDLtLekZLUz5ufpYSIpfvf6wKUT-NQNddA4Z2KM5swUBVxLEyQo2Bvi3lTODMWKZwFfvFOJ9rSQ1cDIL0SufxXslc7ib3_ki_p5tlPpvZ1sBN3FNPWbaMfZFjQDTcuau8Mj3bVMwPyfhaL_NUQq1EZdk1j7VmvHRLCG3NC3Dz_zdiSzLj0TR2ds6dZKGMJD8ySvb0tfQLlZObM3D5rs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0e63c35982b9017fa618c86a3aff699adbd0a795be12e8f1d365e107748071e4

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=UBY-VRHhYg4Ml8cPJZaBiZdtkjP2Ss2WgU1BVkEQ1tKhvK-bQ9hBv2y1e0Tb8-M18NHHUjQNlNdUI4hALcWwmt8nM1squmyD2bzwfq-XX2SqjxBRy8E5b-F0isDmj_cC07xDetolAAhb_jqm1y0o9jzRsbTeM-JUaoCBbZ0Ou1El_EFqpzTB3S-8JY-5Zs5c_9BvK4_8C7VZLkMFyL8XUrqG_bo1psTkZfb4O6LFOW-vk28N5C2X7NAJs5g29B6w1F6-arE2Lb7S04pIOaHOQ3KB-vOrjNylvYpFYeDFeg7baS_6SnD-k1OLXIABSsyToMO0em_BtHt5HIkSAIz03lS3z_OI3R1-_XumDyFhl2wbCS_96CaPYT_IIu3zSZqihvFvkrW0LdN4zadeJRPu8N8Kq-r4R_N_-Np9N5nUgJGerGGFW30Wxwk6neKXZzntwpK9BR_iOPR-OKTNlLDLtLekZLUz5ufpYSIpfvf6wKUT-NQNddA4Z2KM5swUBVxLEyQo2Bvi3lTODMWKZwFfvFOJ9rSQ1cDIL0SufxXslc7ib3_ki_p5tlPpvZ1sBN3FNPWbaMfZFjQDTcuau8Mj3bVMwPyfhaL_NUQq1EZdk1j7VmvHRLCG3NC3Dz_zdiSzLj0TR2ds6dZKGMJD8ySvb0tfQLlZObM3D5rs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAE; OXPCLK=AAHg4AAAAAAAAAAE; ppucnt=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAF; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAF; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
ppucnt=5; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=UBY-VRHhYg4Ml8cPJZaBiZdtkjP2Ss2WgU1BVkEQ1tKhvK-bQ9hBv2y1e0Tb8-M18NHHUjQNlNdUI4hALcWwmt8nM1squmyD2bzwfq-XX2SqjxBRy8E5b-F0isDmj_cC07xDetolAAhb_jqm1y0o9jzRsbTeM-JUaoCBbZ0Ou1El_EFqpzTB3S-8JY-5Zs5c_9BvK4_8C7VZLkMFyL8XUrqG_bo1psTkZfb4O6LFOW-vk28N5C2X7NAJs5g29B6w1F6-arE2Lb7S04pIOaHOQ3KB-vOrjNylvYpFYeDFeg7baS_6SnD-k1OLXIABSsyToMO0em_BtHt5HIkSAIz03lS3z_OI3R1-_XumDyFhl2wbCS_96CaPYT_IIu3zSZqihvFvkrW0LdN4zadeJRPu8N8Kq-r4R_N_-Np9N5nUgJGerGGFW30Wxwk6neKXZzntwpK9BR_iOPR-OKTNlLDLtLekZLUz5ufpYSIpfvf6wKUT-NQNddA4Z2KM5swUBVxLEyQo2Bvi3lTODMWKZwFfvFOJ9rSQ1cDIL0SufxXslc7ib3_ki_p5tlPpvZ1sBN3FNPWbaMfZFjQDTcuau8Mj3bVMwPyfhaL_NUQq1EZdk1j7VmvHRLCG3NC3Dz_zdiSzLj0TR2ds6dZKGMJD8ySvb0tfQLlZObM3D5rs&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055035e681c6ea4511a506d99255&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5df298e97c5957f821d5f53647f0543b09bf6191820be14e943ac7930e4ae749

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAF; OXPCLK=AAHg4AAAAAAAAAAF; ppucnt=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAF; OXPCLK=AAHg4AAAAAAAAAAF; ppucnt=5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=QiSn2cszqE-owFOWZXvxFzKsTIO2kHxfsDIqURs00KyR9hpVolsmLy0FUAbwM8Lj-rBL258uKtmhv3xnBnx_BR0MbWwJ_ftlsFO9f5v6MdQstQRTkevGIfEe7WEpngxqHDy3aFmnrDAL7E2xgVdAFTL0rSReadYi2nb_nLI9VThM5rNKUnWFloNFGYlLYgLSm37lTwpKo0f3PmqJE7VfZoKFu8-LttjB6UG50QFRSowagas4zHa6cxJmcbiTbhx9_CrfmUjC3LqKKU1ZgmsKlxdnT2LSXt-skQy-Gh9oNDRGytCPzHHysy0JpDrnWbq_cVUqN8tcrtKE6Zh8EVUGJYbi4pzW5E9qV8SPOYDg5BigfGqY5Nx01q7xSXBZuOWWzlVz2KCmgkmpVM5MUbBKJ6z6gpdD1uUa82FdfSMdSOgjQE9p5iB4VfGOTnVgRuJs3lK1O_7gv1g7NoEkKhQZedqi5OCS1pW-hx5ALxjVikZaCSILEqyp8HqkwJhjvmI6RjigdusVSwNBr_bEm6tScL49J7AZZkWpCZN81G_X0kRd74QQkC-2Aqs3GkDO5ik9zrt_MMRclgsYEIQanzXwYKo4_SrS1IWHcxfX06RruHo-UTCOtmsvcn8eLB3GYf8zLBW463FuPEYt8qUAm9YMS6u7dS7Omz1aOeqN&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
26d0ceeefcd9fd57821594c0ae7acf43c3964038d6667ed7871db45d67445328

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=QiSn2cszqE-owFOWZXvxFzKsTIO2kHxfsDIqURs00KyR9hpVolsmLy0FUAbwM8Lj-rBL258uKtmhv3xnBnx_BR0MbWwJ_ftlsFO9f5v6MdQstQRTkevGIfEe7WEpngxqHDy3aFmnrDAL7E2xgVdAFTL0rSReadYi2nb_nLI9VThM5rNKUnWFloNFGYlLYgLSm37lTwpKo0f3PmqJE7VfZoKFu8-LttjB6UG50QFRSowagas4zHa6cxJmcbiTbhx9_CrfmUjC3LqKKU1ZgmsKlxdnT2LSXt-skQy-Gh9oNDRGytCPzHHysy0JpDrnWbq_cVUqN8tcrtKE6Zh8EVUGJYbi4pzW5E9qV8SPOYDg5BigfGqY5Nx01q7xSXBZuOWWzlVz2KCmgkmpVM5MUbBKJ6z6gpdD1uUa82FdfSMdSOgjQE9p5iB4VfGOTnVgRuJs3lK1O_7gv1g7NoEkKhQZedqi5OCS1pW-hx5ALxjVikZaCSILEqyp8HqkwJhjvmI6RjigdusVSwNBr_bEm6tScL49J7AZZkWpCZN81G_X0kRd74QQkC-2Aqs3GkDO5ik9zrt_MMRclgsYEIQanzXwYKo4_SrS1IWHcxfX06RruHo-UTCOtmsvcn8eLB3GYf8zLBW463FuPEYt8qUAm9YMS6u7dS7Omz1aOeqN&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAF; OXPCLK=AAHg4AAAAAAAAAAF; ppucnt=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAG; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAG; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
ppucnt=6; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=QiSn2cszqE-owFOWZXvxFzKsTIO2kHxfsDIqURs00KyR9hpVolsmLy0FUAbwM8Lj-rBL258uKtmhv3xnBnx_BR0MbWwJ_ftlsFO9f5v6MdQstQRTkevGIfEe7WEpngxqHDy3aFmnrDAL7E2xgVdAFTL0rSReadYi2nb_nLI9VThM5rNKUnWFloNFGYlLYgLSm37lTwpKo0f3PmqJE7VfZoKFu8-LttjB6UG50QFRSowagas4zHa6cxJmcbiTbhx9_CrfmUjC3LqKKU1ZgmsKlxdnT2LSXt-skQy-Gh9oNDRGytCPzHHysy0JpDrnWbq_cVUqN8tcrtKE6Zh8EVUGJYbi4pzW5E9qV8SPOYDg5BigfGqY5Nx01q7xSXBZuOWWzlVz2KCmgkmpVM5MUbBKJ6z6gpdD1uUa82FdfSMdSOgjQE9p5iB4VfGOTnVgRuJs3lK1O_7gv1g7NoEkKhQZedqi5OCS1pW-hx5ALxjVikZaCSILEqyp8HqkwJhjvmI6RjigdusVSwNBr_bEm6tScL49J7AZZkWpCZN81G_X0kRd74QQkC-2Aqs3GkDO5ik9zrt_MMRclgsYEIQanzXwYKo4_SrS1IWHcxfX06RruHo-UTCOtmsvcn8eLB3GYf8zLBW463FuPEYt8qUAm9YMS6u7dS7Omz1aOeqN&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056eabe907172244ecb94feeb1f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fa8e197ef7cece29ccbdf18a8f4ae103f71e4c3185d4ed22ad99e3294b4f084a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAG; OXPCLK=AAHg4AAAAAAAAAAG; ppucnt=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAG; OXPCLK=AAHg4AAAAAAAAAAG; ppucnt=6
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=K9pHuBubPIs-Yu3w6yMLdma7jzW7_ID98jbtNRe1M5EVColKpW7RfupG5x-QC9Lzom0OGInm9H4_SHRKprpXpDF0Nw1BOHtmGopPuwBrk1BEwsd2jbPL-7lJCyZix_pcWCIExU20LjVCuvR6uhJQbWeTnmeKOn9fqLhn7FuYDD4tYXdmnCMPZCiGXUG-B2EAXpOjsEffmEYcLAt0C3kvjN2shMBESkXtsLp6IUp9ea7EBr1abyg9MuU4_UO8owSOI41jDS2n5-EyVls7eca2x9juhgGLfhR1Yd3kuE6LdRauQ1FCewrleB9fMJrg7RGEZzVXFIRDDEqDHAC9YBHqPz8Q4HitQcwm1c_nmn2hgYpVWf9EFDVkH8dYVUrzt1LYcjEPF4L6_dbqR0jvd_OP0BdtcLxHuP64gAbgUPcd0a5TtvSwgleXuO3llOHgImjhjLtO9etxEYyWHNBC_p1FtHWcezsKKwg6vmrgDK9bcWkK_LdVuNUkHSM10eQLhsDRYr1_iCRdVYclaIwWa_eYOX8zcO2OHrR3__ZzyVCjWawSxzWSaQBuomOseUXF2oupyKdBurJ8iD9w5iXb4USgmIhbzJTxo-ycjaHIXcaC3XHA-MF_hvHBf2kbSYLFcDw83qMnOU8czmgV3bnVxriNK0PcmJXh0HRovkmk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8c4cea00488c6a8676f0e9d2cfaf97657565bdeb98f5555ee6e296299931b35c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=K9pHuBubPIs-Yu3w6yMLdma7jzW7_ID98jbtNRe1M5EVColKpW7RfupG5x-QC9Lzom0OGInm9H4_SHRKprpXpDF0Nw1BOHtmGopPuwBrk1BEwsd2jbPL-7lJCyZix_pcWCIExU20LjVCuvR6uhJQbWeTnmeKOn9fqLhn7FuYDD4tYXdmnCMPZCiGXUG-B2EAXpOjsEffmEYcLAt0C3kvjN2shMBESkXtsLp6IUp9ea7EBr1abyg9MuU4_UO8owSOI41jDS2n5-EyVls7eca2x9juhgGLfhR1Yd3kuE6LdRauQ1FCewrleB9fMJrg7RGEZzVXFIRDDEqDHAC9YBHqPz8Q4HitQcwm1c_nmn2hgYpVWf9EFDVkH8dYVUrzt1LYcjEPF4L6_dbqR0jvd_OP0BdtcLxHuP64gAbgUPcd0a5TtvSwgleXuO3llOHgImjhjLtO9etxEYyWHNBC_p1FtHWcezsKKwg6vmrgDK9bcWkK_LdVuNUkHSM10eQLhsDRYr1_iCRdVYclaIwWa_eYOX8zcO2OHrR3__ZzyVCjWawSxzWSaQBuomOseUXF2oupyKdBurJ8iD9w5iXb4USgmIhbzJTxo-ycjaHIXcaC3XHA-MF_hvHBf2kbSYLFcDw83qMnOU8czmgV3bnVxriNK0PcmJXh0HRovkmk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAG; OXPCLK=AAHg4AAAAAAAAAAG; ppucnt=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAH; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAH; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
ppucnt=7; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:33 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=a94f866f3710f03edfae79450fba7f5d1631480733&psp=K9pHuBubPIs-Yu3w6yMLdma7jzW7_ID98jbtNRe1M5EVColKpW7RfupG5x-QC9Lzom0OGInm9H4_SHRKprpXpDF0Nw1BOHtmGopPuwBrk1BEwsd2jbPL-7lJCyZix_pcWCIExU20LjVCuvR6uhJQbWeTnmeKOn9fqLhn7FuYDD4tYXdmnCMPZCiGXUG-B2EAXpOjsEffmEYcLAt0C3kvjN2shMBESkXtsLp6IUp9ea7EBr1abyg9MuU4_UO8owSOI41jDS2n5-EyVls7eca2x9juhgGLfhR1Yd3kuE6LdRauQ1FCewrleB9fMJrg7RGEZzVXFIRDDEqDHAC9YBHqPz8Q4HitQcwm1c_nmn2hgYpVWf9EFDVkH8dYVUrzt1LYcjEPF4L6_dbqR0jvd_OP0BdtcLxHuP64gAbgUPcd0a5TtvSwgleXuO3llOHgImjhjLtO9etxEYyWHNBC_p1FtHWcezsKKwg6vmrgDK9bcWkK_LdVuNUkHSM10eQLhsDRYr1_iCRdVYclaIwWa_eYOX8zcO2OHrR3__ZzyVCjWawSxzWSaQBuomOseUXF2oupyKdBurJ8iD9w5iXb4USgmIhbzJTxo-ycjaHIXcaC3XHA-MF_hvHBf2kbSYLFcDw83qMnOU8czmgV3bnVxriNK0PcmJXh0HRovkmk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:33 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:33 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:33 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140503ce1743eb8e4d8eb4d69613f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8e340391c9f126ed91b9d467bdbaf0cffeb806efe09d65ede722133c3134477b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAH; OXPCLK=AAHg4AAAAAAAAAAH; ppucnt=7

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAH; OXPCLK=AAHg4AAAAAAAAAAH; ppucnt=7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=RjNirQBZMMPg5zvFEH7wmTIe2FwBRXLxIa-hAKsl0eksYR4knCKPZCjf0JVKCEwYyfyOA_rUXGDpqQ0B80vWfNeqlUhubQ0_dKhvZFOefoH__uYU_ouKlopeqZaBTkgQlnOWzSFv2uvyxo8BzdL70pTidveMi60rJvtTeSoGHtRZKHyhYYnlGLLtH4qvAYia6g4hUQh9ERHmqArU-qsYFH9jos_3L514g_MJolkoHMGwwQvfa4v49LkIwAHuzLXN34NqoNslno-mxIgjGxDK4ZWYbiawxrnRIGwTP4UOu6FMm3SrsQk7y_ZApfJjI-XVjc0IEJEOzNsXaXV0uwTKMtWBLyQWHHkjVAd-OqqFHlSKXbd5YNwzEmAkIm5Fvy-5KUBGWBHHjKMjFi1b-4FZikBmRJnlLtMgwiXIwxR2oB3fcNAoFOW-loWmPdOYS4hwZ-Rmkx0ifSyHOvfHwD_zXqzQ20TmjbWzWeE8dD5x13Z_LuF7gb_PFRkJxm48AxpCEGaOnl_LQOl7g0LObLrali6jZg-qPEcAD4fCMb7w8dq_YqELsBWGIFyMo3QabDYYA3nTI5hxLfCBWKOPzAmad1E1-L6s2-id4D7lgvGrE2x1cYo1U0oh7kacoeLs82LxsIPRtCtpNmWDbwNi5SvEgSM2a8o1hFVDAkTz&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=RjNirQBZMMPg5zvFEH7wmTIe2FwBRXLxIa-hAKsl0eksYR4knCKPZCjf0JVKCEwYyfyOA_rUXGDpqQ0B80vWfNeqlUhubQ0_dKhvZFOefoH__uYU_ouKlopeqZaBTkgQlnOWzSFv2uvyxo8BzdL70pTidveMi60rJvtTeSoGHtRZKHyhYYnlGLLtH4qvAYia6g4hUQh9ERHmqArU-qsYFH9jos_3L514g_MJolkoHMGwwQvfa4v49LkIwAHuzLXN34NqoNslno-mxIgjGxDK4ZWYbiawxrnRIGwTP4UOu6FMm3SrsQk7y_ZApfJjI-XVjc0IEJEOzNsXaXV0uwTKMtWBLyQWHHkjVAd-OqqFHlSKXbd5YNwzEmAkIm5Fvy-5KUBGWBHHjKMjFi1b-4FZikBmRJnlLtMgwiXIwxR2oB3fcNAoFOW-loWmPdOYS4hwZ-Rmkx0ifSyHOvfHwD_zXqzQ20TmjbWzWeE8dD5x13Z_LuF7gb_PFRkJxm48AxpCEGaOnl_LQOl7g0LObLrali6jZg-qPEcAD4fCMb7w8dq_YqELsBWGIFyMo3QabDYYA3nTI5hxLfCBWKOPzAmad1E1-L6s2-id4D7lgvGrE2x1cYo1U0oh7kacoeLs82LxsIPRtCtpNmWDbwNi5SvEgSM2a8o1hFVDAkTz&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAH; OXPCLK=AAHg4AAAAAAAAAAH; ppucnt=7

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAI; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAI; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
ppucnt=8; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=RjNirQBZMMPg5zvFEH7wmTIe2FwBRXLxIa-hAKsl0eksYR4knCKPZCjf0JVKCEwYyfyOA_rUXGDpqQ0B80vWfNeqlUhubQ0_dKhvZFOefoH__uYU_ouKlopeqZaBTkgQlnOWzSFv2uvyxo8BzdL70pTidveMi60rJvtTeSoGHtRZKHyhYYnlGLLtH4qvAYia6g4hUQh9ERHmqArU-qsYFH9jos_3L514g_MJolkoHMGwwQvfa4v49LkIwAHuzLXN34NqoNslno-mxIgjGxDK4ZWYbiawxrnRIGwTP4UOu6FMm3SrsQk7y_ZApfJjI-XVjc0IEJEOzNsXaXV0uwTKMtWBLyQWHHkjVAd-OqqFHlSKXbd5YNwzEmAkIm5Fvy-5KUBGWBHHjKMjFi1b-4FZikBmRJnlLtMgwiXIwxR2oB3fcNAoFOW-loWmPdOYS4hwZ-Rmkx0ifSyHOvfHwD_zXqzQ20TmjbWzWeE8dD5x13Z_LuF7gb_PFRkJxm48AxpCEGaOnl_LQOl7g0LObLrali6jZg-qPEcAD4fCMb7w8dq_YqELsBWGIFyMo3QabDYYA3nTI5hxLfCBWKOPzAmad1E1-L6s2-id4D7lgvGrE2x1cYo1U0oh7kacoeLs82LxsIPRtCtpNmWDbwNi5SvEgSM2a8o1hFVDAkTz&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d8b2e034b84b4546897f67b896&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
614370d34e4e09ed887de9c8aaaf7d2b73b02fe7e697ac2c34f47054ce51cfc6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAI; OXPCLK=AAHg4AAAAAAAAAAI; ppucnt=8

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAI; OXPCLK=AAHg4AAAAAAAAAAI; ppucnt=8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=dZlYW1g8o4glOSOWEHUfooaabWsxZTd_PGxEzEcoMaPtHn6BTEt9FRwsn89SpDHswdVrwyPBs_u5j3dCUdJjnJv_Y3cTFNxfHoig_z0KTLVh_jmRezq4ohaiVG2vdAqj-k07PZHSpc6D9sqv70nfPJY8F0tFJfZ_a3NBxJMyLNYDhfFjIn9znToONKVoZgOJsVE_Gsc7PTMirzWA-iX1uy4s1el0b7a1-7t0xqkWjWQrCTvlCuzuV-92wu6yM7BCKjO0ss7uGvm2u-cteJozmnB9qOvPtVWHHK6Td9uXe4zMHyE-CpCSy151jbXw5xC5VTCfoyvNh6GgU9QEEIiiK4wTpwWEcg5T6eKS65GmxL_HNb6jwoQaJ8KaC994FCtGr38lJvxbxWa2XqwHFvv32D1sWX5RcxJ0r8s2sPvGM5amp1O655QOe2QVyUEmCv4C2Zzepc0SJiDUnC9YdHc4iwdiYVvg3rZaq6Zninm3niECTCIoBoP9tyzeADflslpsDFuey2N4S4MDMza3sT8Nvc3WHZCHvOkvtcxslNcZTerKwLutuQ0tZazS4nBVX_7aIVhI9JLepyuQKJc7OXUySUZIVNSAZcU11vui5UNEK7JQQ3Omh-PL9ZuBVWEPfhj0S5Tr9CXG1x_sVx_bVfr_GnmReNzqF472NQjX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=dZlYW1g8o4glOSOWEHUfooaabWsxZTd_PGxEzEcoMaPtHn6BTEt9FRwsn89SpDHswdVrwyPBs_u5j3dCUdJjnJv_Y3cTFNxfHoig_z0KTLVh_jmRezq4ohaiVG2vdAqj-k07PZHSpc6D9sqv70nfPJY8F0tFJfZ_a3NBxJMyLNYDhfFjIn9znToONKVoZgOJsVE_Gsc7PTMirzWA-iX1uy4s1el0b7a1-7t0xqkWjWQrCTvlCuzuV-92wu6yM7BCKjO0ss7uGvm2u-cteJozmnB9qOvPtVWHHK6Td9uXe4zMHyE-CpCSy151jbXw5xC5VTCfoyvNh6GgU9QEEIiiK4wTpwWEcg5T6eKS65GmxL_HNb6jwoQaJ8KaC994FCtGr38lJvxbxWa2XqwHFvv32D1sWX5RcxJ0r8s2sPvGM5amp1O655QOe2QVyUEmCv4C2Zzepc0SJiDUnC9YdHc4iwdiYVvg3rZaq6Zninm3niECTCIoBoP9tyzeADflslpsDFuey2N4S4MDMza3sT8Nvc3WHZCHvOkvtcxslNcZTerKwLutuQ0tZazS4nBVX_7aIVhI9JLepyuQKJc7OXUySUZIVNSAZcU11vui5UNEK7JQQ3Omh-PL9ZuBVWEPfhj0S5Tr9CXG1x_sVx_bVfr_GnmReNzqF472NQjX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAI; OXPCLK=AAHg4AAAAAAAAAAI; ppucnt=8

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAJ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAJ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
ppucnt=9; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=dZlYW1g8o4glOSOWEHUfooaabWsxZTd_PGxEzEcoMaPtHn6BTEt9FRwsn89SpDHswdVrwyPBs_u5j3dCUdJjnJv_Y3cTFNxfHoig_z0KTLVh_jmRezq4ohaiVG2vdAqj-k07PZHSpc6D9sqv70nfPJY8F0tFJfZ_a3NBxJMyLNYDhfFjIn9znToONKVoZgOJsVE_Gsc7PTMirzWA-iX1uy4s1el0b7a1-7t0xqkWjWQrCTvlCuzuV-92wu6yM7BCKjO0ss7uGvm2u-cteJozmnB9qOvPtVWHHK6Td9uXe4zMHyE-CpCSy151jbXw5xC5VTCfoyvNh6GgU9QEEIiiK4wTpwWEcg5T6eKS65GmxL_HNb6jwoQaJ8KaC994FCtGr38lJvxbxWa2XqwHFvv32D1sWX5RcxJ0r8s2sPvGM5amp1O655QOe2QVyUEmCv4C2Zzepc0SJiDUnC9YdHc4iwdiYVvg3rZaq6Zninm3niECTCIoBoP9tyzeADflslpsDFuey2N4S4MDMza3sT8Nvc3WHZCHvOkvtcxslNcZTerKwLutuQ0tZazS4nBVX_7aIVhI9JLepyuQKJc7OXUySUZIVNSAZcU11vui5UNEK7JQQ3Omh-PL9ZuBVWEPfhj0S5Tr9CXG1x_sVx_bVfr_GnmReNzqF472NQjX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405310322319c4042efadc8519fd0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
080ae56685468ddac53d728d938f478ac98bce8954a3a26787335d695b30c6eb

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAJ; OXPCLK=AAHg4AAAAAAAAAAJ; ppucnt=9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAJ; OXPCLK=AAHg4AAAAAAAAAAJ; ppucnt=9
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=n057qpcQjBNaKsMIz0RRWLHpcBHS4cj-gQM7rd0--vOdHvr7PfYp1MdeHlf1YAIRxGh8VgsBHaVO-vDR2YpffaHRhRNHBpEO69vr1E6HfFuM7wUXPUbRpU62Pe4CdF_uYreUtExJ4gAKp7YgChP1005B0CPNgqq9gN-Wg9Fn62ne5uXtL3zirxU8R7qT_rxs-xH3_idMUrrq0AUxSDHpQsJ-cDvpCTuFeDUqU4xVr0VFKcBEIathgzo_OhTaDULaVwWU2BojvgPDKM5c9yyw7vQBPxy-awAc_5WZ2sNEWkCZK1k99w1DSmLQ7VOoaFlm5d7HYZnr0trBaGfEPrZ67ueW8apc74PcIU44LaA6z_yw-bAHfFhEYabcGmk_hW7WitWMfCfGMUFM4twzd29oLr_Xu-lW2hscgx3pBv5bhcwOVpaiivAdHIqoE-K4jamtanC-zn4F0mSCXcxEU7xsUM858dBAKCFhsuWwOXzV4Vb9x10s_s-Z_ffmBd_axmmSNxMzFnU8SrWa9HuxJJITdb561-gmOk2uKz3qar5xskdICRPCiFRxriz4a3Uy5IghWmPFsySzyzCR6XmAAPwfzpNlpjjO9zRnmZumhyo-wB5BDz_ayrl5Z5GtBm34i3R7TX8Xq8ssEh4y1yw-reg68iyUWeaSm0WAXtmd&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
703bb147da7d1bd0520611286a5e4446d8b115edc7c45451f31eeaa8d3604e15

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=n057qpcQjBNaKsMIz0RRWLHpcBHS4cj-gQM7rd0--vOdHvr7PfYp1MdeHlf1YAIRxGh8VgsBHaVO-vDR2YpffaHRhRNHBpEO69vr1E6HfFuM7wUXPUbRpU62Pe4CdF_uYreUtExJ4gAKp7YgChP1005B0CPNgqq9gN-Wg9Fn62ne5uXtL3zirxU8R7qT_rxs-xH3_idMUrrq0AUxSDHpQsJ-cDvpCTuFeDUqU4xVr0VFKcBEIathgzo_OhTaDULaVwWU2BojvgPDKM5c9yyw7vQBPxy-awAc_5WZ2sNEWkCZK1k99w1DSmLQ7VOoaFlm5d7HYZnr0trBaGfEPrZ67ueW8apc74PcIU44LaA6z_yw-bAHfFhEYabcGmk_hW7WitWMfCfGMUFM4twzd29oLr_Xu-lW2hscgx3pBv5bhcwOVpaiivAdHIqoE-K4jamtanC-zn4F0mSCXcxEU7xsUM858dBAKCFhsuWwOXzV4Vb9x10s_s-Z_ffmBd_axmmSNxMzFnU8SrWa9HuxJJITdb561-gmOk2uKz3qar5xskdICRPCiFRxriz4a3Uy5IghWmPFsySzyzCR6XmAAPwfzpNlpjjO9zRnmZumhyo-wB5BDz_ayrl5Z5GtBm34i3R7TX8Xq8ssEh4y1yw-reg68iyUWeaSm0WAXtmd&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAJ; OXPCLK=AAHg4AAAAAAAAAAJ; ppucnt=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAK; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure OXPCLK=AAHg4AAAAAAAAAAK; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure ppucnt=10; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=n057qpcQjBNaKsMIz0RRWLHpcBHS4cj-gQM7rd0--vOdHvr7PfYp1MdeHlf1YAIRxGh8VgsBHaVO-vDR2YpffaHRhRNHBpEO69vr1E6HfFuM7wUXPUbRpU62Pe4CdF_uYreUtExJ4gAKp7YgChP1005B0CPNgqq9gN-Wg9Fn62ne5uXtL3zirxU8R7qT_rxs-xH3_idMUrrq0AUxSDHpQsJ-cDvpCTuFeDUqU4xVr0VFKcBEIathgzo_OhTaDULaVwWU2BojvgPDKM5c9yyw7vQBPxy-awAc_5WZ2sNEWkCZK1k99w1DSmLQ7VOoaFlm5d7HYZnr0trBaGfEPrZ67ueW8apc74PcIU44LaA6z_yw-bAHfFhEYabcGmk_hW7WitWMfCfGMUFM4twzd29oLr_Xu-lW2hscgx3pBv5bhcwOVpaiivAdHIqoE-K4jamtanC-zn4F0mSCXcxEU7xsUM858dBAKCFhsuWwOXzV4Vb9x10s_s-Z_ffmBd_axmmSNxMzFnU8SrWa9HuxJJITdb561-gmOk2uKz3qar5xskdICRPCiFRxriz4a3Uy5IghWmPFsySzyzCR6XmAAPwfzpNlpjjO9zRnmZumhyo-wB5BDz_ayrl5Z5GtBm34i3R7TX8Xq8ssEh4y1yw-reg68iyUWeaSm0WAXtmd&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405706924360a6f4eb08cc4b7dd62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b09c7c7e0955910253ffc2b5b684a04ab3c309ad92c790b990b50bbb71e6781c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAK; OXPCLK=AAHg4AAAAAAAAAAK; ppucnt=10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAK; OXPCLK=AAHg4AAAAAAAAAAK; ppucnt=10
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=2A_3pxncGzvUUXQy-e6d4JbaMfD5hRAFsGosNAKztCmd-u2Lr3Sy1zHL5Z5QvB9oTU-OCS4rlEF13MC9wrmftuaeB2pD81_baXnN3lYCfBxmN-9L6ihNeCx86Gbt4_i0b8giMQBmDB271Vr7sRupiimwV_ARykMwIR0GObXguc2Ft_Cht1-nnze0PoweMyJYRvHTzwbwRD7rbNfyZ1dXNeWSqqo9Qtx9UC5RC1_ffpgEv54-rQ2vVa9yGX3FSthyxUBrwffuS3N5CWyrvOpuNm3zo0vbEox9LoVhj_D8Z4CllpkeizLzRYlY6N8j2WXH1AsI_Qu3ToW-c4zJ6iXNfevtYa6QZt5dwXLQMe9kdh72Cum_s3lbPRvSmfFKjwBKDQ1B8IvLks0hpGGdwpxh_-FW3Jsk_XZId5TZprF7Eg6G0Bf7UA21Lqcnakww4HD7E_SJqbxiG7YpMW4L7SFj5kKAtlnNi5sRFCBJ1fF4j5VmReEHPNF68wx8j3LyvvMMo_ugRtYB6XRKDit3dNu23TdbtN9ElZWwNY4pCGuKLI1Bydr3uv_VsYcyS_1WNmHd1sj5x-F_EPCuw4ENcyMGhyvdk3_s2zGf9PAybU9j2UvNRpdgABFK31T5TxqjXY6XBbb_kuuK38QSdEKUs8R0AtoG3vQBXNmYutvX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=2A_3pxncGzvUUXQy-e6d4JbaMfD5hRAFsGosNAKztCmd-u2Lr3Sy1zHL5Z5QvB9oTU-OCS4rlEF13MC9wrmftuaeB2pD81_baXnN3lYCfBxmN-9L6ihNeCx86Gbt4_i0b8giMQBmDB271Vr7sRupiimwV_ARykMwIR0GObXguc2Ft_Cht1-nnze0PoweMyJYRvHTzwbwRD7rbNfyZ1dXNeWSqqo9Qtx9UC5RC1_ffpgEv54-rQ2vVa9yGX3FSthyxUBrwffuS3N5CWyrvOpuNm3zo0vbEox9LoVhj_D8Z4CllpkeizLzRYlY6N8j2WXH1AsI_Qu3ToW-c4zJ6iXNfevtYa6QZt5dwXLQMe9kdh72Cum_s3lbPRvSmfFKjwBKDQ1B8IvLks0hpGGdwpxh_-FW3Jsk_XZId5TZprF7Eg6G0Bf7UA21Lqcnakww4HD7E_SJqbxiG7YpMW4L7SFj5kKAtlnNi5sRFCBJ1fF4j5VmReEHPNF68wx8j3LyvvMMo_ugRtYB6XRKDit3dNu23TdbtN9ElZWwNY4pCGuKLI1Bydr3uv_VsYcyS_1WNmHd1sj5x-F_EPCuw4ENcyMGhyvdk3_s2zGf9PAybU9j2UvNRpdgABFK31T5TxqjXY6XBbb_kuuK38QSdEKUs8R0AtoG3vQBXNmYutvX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAK; OXPCLK=AAHg4AAAAAAAAAAK; ppucnt=10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAL; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure OXPCLK=AAHg4AAAAAAAAAAL; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure ppucnt=11; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=2A_3pxncGzvUUXQy-e6d4JbaMfD5hRAFsGosNAKztCmd-u2Lr3Sy1zHL5Z5QvB9oTU-OCS4rlEF13MC9wrmftuaeB2pD81_baXnN3lYCfBxmN-9L6ihNeCx86Gbt4_i0b8giMQBmDB271Vr7sRupiimwV_ARykMwIR0GObXguc2Ft_Cht1-nnze0PoweMyJYRvHTzwbwRD7rbNfyZ1dXNeWSqqo9Qtx9UC5RC1_ffpgEv54-rQ2vVa9yGX3FSthyxUBrwffuS3N5CWyrvOpuNm3zo0vbEox9LoVhj_D8Z4CllpkeizLzRYlY6N8j2WXH1AsI_Qu3ToW-c4zJ6iXNfevtYa6QZt5dwXLQMe9kdh72Cum_s3lbPRvSmfFKjwBKDQ1B8IvLks0hpGGdwpxh_-FW3Jsk_XZId5TZprF7Eg6G0Bf7UA21Lqcnakww4HD7E_SJqbxiG7YpMW4L7SFj5kKAtlnNi5sRFCBJ1fF4j5VmReEHPNF68wx8j3LyvvMMo_ugRtYB6XRKDit3dNu23TdbtN9ElZWwNY4pCGuKLI1Bydr3uv_VsYcyS_1WNmHd1sj5x-F_EPCuw4ENcyMGhyvdk3_s2zGf9PAybU9j2UvNRpdgABFK31T5TxqjXY6XBbb_kuuK38QSdEKUs8R0AtoG3vQBXNmYutvX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140504a102887c8e4e9bb9307cbbd3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6e40b51fb0a26f338e0365cc9c4ef8ed25508a9841f2c27361678abc3b64cf78

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAL; OXPCLK=AAHg4AAAAAAAAAAL; ppucnt=11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAL; OXPCLK=AAHg4AAAAAAAAAAL; ppucnt=11
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=UAnK28VMYClqAHCWZZiehvHWic2GqxGC9vDWjROBvEhr9c9h8BN7WdgYPgPxzybvEZenByNvk6AWUdS2O0U6R34GeRe_PRxBFRCrw9i82fvw6Mca3lTSfUKCbhz7cS9HxUfB3zx9Xpb3Cjqvie63Au_C-rmJA-0RoZbd6VQqEeC62xhDQFwp8HAIRrzKqNbxm8I2s9GPzQTEdFh8L2Tnhof3efLoIBOC2CpzQYgsnNriSRBWQKeVq0r9KpmipFkxRVw0Za4CBHQBrqWJGlBpDzDCLnkrMt-4CdzKwCraUqIcjwqs5dATxgd2zunJK-S1-aXpUrp-nUhWBSrlm977QUwq-_e_Wip2hQyakAw18erQoI3cH_q5AVA6-9dTs0Z8cVezwLrGKMabOJRHOINelCGLo6HAqDuy8dPl1BTp_Do9lgP3TLhF7KLid12tXXxGB8yvOW4Z6hrzsiGhwD-3Zxr-6APHHEGLZ4jw_uEMd8lPmurV6HNwZdoAavWSQUYLm552jLn2t5URikz3MaczqgB_WfaqlkfGonzhrwxdnRFYXmdpFzdQprsZZmYN68xVJpAUSuEGjQSA6M12RxU8bb6tZQ1V49Pv4DEC9RZ_gLB_JzTHkXJeUMJfxsAQ5Yj4EYtYsjx5yPWsJ1OzMI3s88HmKPAWeWbqtq2H&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8e841c43fbdeba9a83d7d89ba96dc548c69bb5fac825cdc3b98449ca3233bcbb

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=UAnK28VMYClqAHCWZZiehvHWic2GqxGC9vDWjROBvEhr9c9h8BN7WdgYPgPxzybvEZenByNvk6AWUdS2O0U6R34GeRe_PRxBFRCrw9i82fvw6Mca3lTSfUKCbhz7cS9HxUfB3zx9Xpb3Cjqvie63Au_C-rmJA-0RoZbd6VQqEeC62xhDQFwp8HAIRrzKqNbxm8I2s9GPzQTEdFh8L2Tnhof3efLoIBOC2CpzQYgsnNriSRBWQKeVq0r9KpmipFkxRVw0Za4CBHQBrqWJGlBpDzDCLnkrMt-4CdzKwCraUqIcjwqs5dATxgd2zunJK-S1-aXpUrp-nUhWBSrlm977QUwq-_e_Wip2hQyakAw18erQoI3cH_q5AVA6-9dTs0Z8cVezwLrGKMabOJRHOINelCGLo6HAqDuy8dPl1BTp_Do9lgP3TLhF7KLid12tXXxGB8yvOW4Z6hrzsiGhwD-3Zxr-6APHHEGLZ4jw_uEMd8lPmurV6HNwZdoAavWSQUYLm552jLn2t5URikz3MaczqgB_WfaqlkfGonzhrwxdnRFYXmdpFzdQprsZZmYN68xVJpAUSuEGjQSA6M12RxU8bb6tZQ1V49Pv4DEC9RZ_gLB_JzTHkXJeUMJfxsAQ5Yj4EYtYsjx5yPWsJ1OzMI3s88HmKPAWeWbqtq2H&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAL; OXPCLK=AAHg4AAAAAAAAAAL; ppucnt=11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAM; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAM; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
ppucnt=12; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=UAnK28VMYClqAHCWZZiehvHWic2GqxGC9vDWjROBvEhr9c9h8BN7WdgYPgPxzybvEZenByNvk6AWUdS2O0U6R34GeRe_PRxBFRCrw9i82fvw6Mca3lTSfUKCbhz7cS9HxUfB3zx9Xpb3Cjqvie63Au_C-rmJA-0RoZbd6VQqEeC62xhDQFwp8HAIRrzKqNbxm8I2s9GPzQTEdFh8L2Tnhof3efLoIBOC2CpzQYgsnNriSRBWQKeVq0r9KpmipFkxRVw0Za4CBHQBrqWJGlBpDzDCLnkrMt-4CdzKwCraUqIcjwqs5dATxgd2zunJK-S1-aXpUrp-nUhWBSrlm977QUwq-_e_Wip2hQyakAw18erQoI3cH_q5AVA6-9dTs0Z8cVezwLrGKMabOJRHOINelCGLo6HAqDuy8dPl1BTp_Do9lgP3TLhF7KLid12tXXxGB8yvOW4Z6hrzsiGhwD-3Zxr-6APHHEGLZ4jw_uEMd8lPmurV6HNwZdoAavWSQUYLm552jLn2t5URikz3MaczqgB_WfaqlkfGonzhrwxdnRFYXmdpFzdQprsZZmYN68xVJpAUSuEGjQSA6M12RxU8bb6tZQ1V49Pv4DEC9RZ_gLB_JzTHkXJeUMJfxsAQ5Yj4EYtYsjx5yPWsJ1OzMI3s88HmKPAWeWbqtq2H&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056065502c404245d3928c832c01&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f8a110431c347e11282262b78fa907f7057e72f13301f053c81e9ab90b42b602

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAM; OXPCLK=AAHg4AAAAAAAAAAM; ppucnt=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAM; OXPCLK=AAHg4AAAAAAAAAAM; ppucnt=12
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=0Zhv8UnkqVilaEim0H8UBJrUprinHr_LDRGHHmESS5ualSOZN-8cxtHvvprrlPwy0PmorCYxhq6L7z_fP0Lc4sVNaFzHQTZ3olOzN_AZwjLwbyhZyFChkh09Ln93KG7gC9aiLrQOmZ_nbKLOSO_4-XQWQO9S9Ml4-K_UqP29UC9f_AADtHgsuWk5SbUkGIsSB4Mg62Kv9ZJ63w0M2efYOxi_N06zscLgEH-8HYD7h94uTsNl0nKkZ7xLbMIcxG3j2YUkJHTQq5CW-NEDm-xRSOrWUalQPSo_m7ZSEsvfSQWHBHN0GdYeZaa6qag58VN_he3OEASy4UtBXYuG9dCNrxrcHNTseyzegr6nPEof6u7EO5TiVBgJvstjGrxL3L7j5g-RbAYXCVo8w5blQQPfB70B8ZOHaQY4-3p0O-m2J5CZ74OCpPj2GUDYK9THG9OQh_T_JNKjzlz7kEB7-s-JcZAv-kov4HDa-RLoR9coh3rsIliIQ1NnBghNHybzd3c3tQsvB9pE_udagbHIPePtyQrgvopVhqr2Wsx8INWdqQstqDHoWVcOP9U3V99XTG-Uw3ahACIk1h_CmrV_x-94QWWghkaCX1cGdq9d5HoR3E2uZi2LpxQJTG_ygeCP0Id8cF84KMK06_KNzw4dYFE36a3_5cs54jdvOeSW&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a95dbb1662ed7cf687fa01bfd5679580f27047f073a1832a71344ab73e27e842

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=0Zhv8UnkqVilaEim0H8UBJrUprinHr_LDRGHHmESS5ualSOZN-8cxtHvvprrlPwy0PmorCYxhq6L7z_fP0Lc4sVNaFzHQTZ3olOzN_AZwjLwbyhZyFChkh09Ln93KG7gC9aiLrQOmZ_nbKLOSO_4-XQWQO9S9Ml4-K_UqP29UC9f_AADtHgsuWk5SbUkGIsSB4Mg62Kv9ZJ63w0M2efYOxi_N06zscLgEH-8HYD7h94uTsNl0nKkZ7xLbMIcxG3j2YUkJHTQq5CW-NEDm-xRSOrWUalQPSo_m7ZSEsvfSQWHBHN0GdYeZaa6qag58VN_he3OEASy4UtBXYuG9dCNrxrcHNTseyzegr6nPEof6u7EO5TiVBgJvstjGrxL3L7j5g-RbAYXCVo8w5blQQPfB70B8ZOHaQY4-3p0O-m2J5CZ74OCpPj2GUDYK9THG9OQh_T_JNKjzlz7kEB7-s-JcZAv-kov4HDa-RLoR9coh3rsIliIQ1NnBghNHybzd3c3tQsvB9pE_udagbHIPePtyQrgvopVhqr2Wsx8INWdqQstqDHoWVcOP9U3V99XTG-Uw3ahACIk1h_CmrV_x-94QWWghkaCX1cGdq9d5HoR3E2uZi2LpxQJTG_ygeCP0Id8cF84KMK06_KNzw4dYFE36a3_5cs54jdvOeSW&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAM; OXPCLK=AAHg4AAAAAAAAAAM; ppucnt=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAN; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAN; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
ppucnt=13; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=0Zhv8UnkqVilaEim0H8UBJrUprinHr_LDRGHHmESS5ualSOZN-8cxtHvvprrlPwy0PmorCYxhq6L7z_fP0Lc4sVNaFzHQTZ3olOzN_AZwjLwbyhZyFChkh09Ln93KG7gC9aiLrQOmZ_nbKLOSO_4-XQWQO9S9Ml4-K_UqP29UC9f_AADtHgsuWk5SbUkGIsSB4Mg62Kv9ZJ63w0M2efYOxi_N06zscLgEH-8HYD7h94uTsNl0nKkZ7xLbMIcxG3j2YUkJHTQq5CW-NEDm-xRSOrWUalQPSo_m7ZSEsvfSQWHBHN0GdYeZaa6qag58VN_he3OEASy4UtBXYuG9dCNrxrcHNTseyzegr6nPEof6u7EO5TiVBgJvstjGrxL3L7j5g-RbAYXCVo8w5blQQPfB70B8ZOHaQY4-3p0O-m2J5CZ74OCpPj2GUDYK9THG9OQh_T_JNKjzlz7kEB7-s-JcZAv-kov4HDa-RLoR9coh3rsIliIQ1NnBghNHybzd3c3tQsvB9pE_udagbHIPePtyQrgvopVhqr2Wsx8INWdqQstqDHoWVcOP9U3V99XTG-Uw3ahACIk1h_CmrV_x-94QWWghkaCX1cGdq9d5HoR3E2uZi2LpxQJTG_ygeCP0Id8cF84KMK06_KNzw4dYFE36a3_5cs54jdvOeSW&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140535b6579fd1034d24a750050091&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1c3515ff717bff66957cd13615255048387d07c299374ebd4f42432be4e0579b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAN; OXPCLK=AAHg4AAAAAAAAAAN; ppucnt=13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAN; OXPCLK=AAHg4AAAAAAAAAAN; ppucnt=13
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=dw2jQOoasgY5A-bmSbqONjcUwUxo5wHbFBNPQhcjAzRLyd29zthKxsPjJ34LFN1eO1ZYMv-xD0Qmsxn6RR_2Qj3GAUQtVKx5JlJ357P-nTKUyz7kEdVRT23dwffT3ywjDxncKoeVlkpWDgQau6ow8tHiuAXPzFGvZCI1EfK0E4MQDlYplBRUcbHGMxkKwsAjRmHzfl8ncGrnuiV4oRubHx5TIDB3-JcJClw9UbGHhY2_Vb1EC6fQh1_5bdabONOrGO1NCH6KkPBl5vooxuMt58Zdoo5Mf0VUGQKj_iBJiAI01OHOWh_qQLc3y6kZtB0qMx_r5eElIsZqqEP6YQg9BWNcN4XI8iv-sbcJi40VLazN_FSwqCYtIygThtD66XEfylGWLpvAAFqyDhbrA7tpFBGDGR1dYZ3tw40KWskYhcuXyAF6oG3hurO2dtDhdE76E7uO9Hx85hmL3N4O_QpagqQ4Ti2BNjvMWKPSoBBcGb2z7bZSxc1B1zUgf7UNLNc1fUTIcyfJEweaNIXu962auZWzf2RFA5GbiEpXxxCLdHyj6gz8ZS_tI4NymDqNk0AY0mlqWJHbxvhen54UrsN4K2EwdGMFSVKhglR063HVYVwlfz2zA7KhXOkwDvkDeVdUxjhfsJe3r63kAG3U2KqXi_hAxkpDUFD1_ibU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ead871924e7352d17483f8860c99bb9d8f26f1406944147eb4645b7fafe11968

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=dw2jQOoasgY5A-bmSbqONjcUwUxo5wHbFBNPQhcjAzRLyd29zthKxsPjJ34LFN1eO1ZYMv-xD0Qmsxn6RR_2Qj3GAUQtVKx5JlJ357P-nTKUyz7kEdVRT23dwffT3ywjDxncKoeVlkpWDgQau6ow8tHiuAXPzFGvZCI1EfK0E4MQDlYplBRUcbHGMxkKwsAjRmHzfl8ncGrnuiV4oRubHx5TIDB3-JcJClw9UbGHhY2_Vb1EC6fQh1_5bdabONOrGO1NCH6KkPBl5vooxuMt58Zdoo5Mf0VUGQKj_iBJiAI01OHOWh_qQLc3y6kZtB0qMx_r5eElIsZqqEP6YQg9BWNcN4XI8iv-sbcJi40VLazN_FSwqCYtIygThtD66XEfylGWLpvAAFqyDhbrA7tpFBGDGR1dYZ3tw40KWskYhcuXyAF6oG3hurO2dtDhdE76E7uO9Hx85hmL3N4O_QpagqQ4Ti2BNjvMWKPSoBBcGb2z7bZSxc1B1zUgf7UNLNc1fUTIcyfJEweaNIXu962auZWzf2RFA5GbiEpXxxCLdHyj6gz8ZS_tI4NymDqNk0AY0mlqWJHbxvhen54UrsN4K2EwdGMFSVKhglR063HVYVwlfz2zA7KhXOkwDvkDeVdUxjhfsJe3r63kAG3U2KqXi_hAxkpDUFD1_ibU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAN; OXPCLK=AAHg4AAAAAAAAAAN; ppucnt=13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAO; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAO; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
ppucnt=14; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:34 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=dw2jQOoasgY5A-bmSbqONjcUwUxo5wHbFBNPQhcjAzRLyd29zthKxsPjJ34LFN1eO1ZYMv-xD0Qmsxn6RR_2Qj3GAUQtVKx5JlJ357P-nTKUyz7kEdVRT23dwffT3ywjDxncKoeVlkpWDgQau6ow8tHiuAXPzFGvZCI1EfK0E4MQDlYplBRUcbHGMxkKwsAjRmHzfl8ncGrnuiV4oRubHx5TIDB3-JcJClw9UbGHhY2_Vb1EC6fQh1_5bdabONOrGO1NCH6KkPBl5vooxuMt58Zdoo5Mf0VUGQKj_iBJiAI01OHOWh_qQLc3y6kZtB0qMx_r5eElIsZqqEP6YQg9BWNcN4XI8iv-sbcJi40VLazN_FSwqCYtIygThtD66XEfylGWLpvAAFqyDhbrA7tpFBGDGR1dYZ3tw40KWskYhcuXyAF6oG3hurO2dtDhdE76E7uO9Hx85hmL3N4O_QpagqQ4Ti2BNjvMWKPSoBBcGb2z7bZSxc1B1zUgf7UNLNc1fUTIcyfJEweaNIXu962auZWzf2RFA5GbiEpXxxCLdHyj6gz8ZS_tI4NymDqNk0AY0mlqWJHbxvhen54UrsN4K2EwdGMFSVKhglR063HVYVwlfz2zA7KhXOkwDvkDeVdUxjhfsJe3r63kAG3U2KqXi_hAxkpDUFD1_ibU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:34 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d0cea2bb07e5431a916d9dcc54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:34 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fe1f31c8f3a6cdf4c82726aef8c44c3613a774464c00f9cef621a2571ca2649e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAO; OXPCLK=AAHg4AAAAAAAAAAO; ppucnt=14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAO; OXPCLK=AAHg4AAAAAAAAAAO; ppucnt=14
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=Gf2wud6hu6_Zpkuwsg_0ZcZktNfxaZu3ZbV8GOjnZl2UpjkykLMn9_vUxlHxRHp90lvLashOJVah3ltmHlwJPEDuuF3isbYsyKkJbqDFSuS035dm9BJDT9i5kLISLEDqKhhZiIEI83GbUtaXWDtdV00chJFZW34lRBtP3JLDFE_w7K6dtlo-kdiT8FRMGM3wCUQ81qo7OfZL8xh6-0Tcs0kduzDjTxAv8kMzfvhPsq-DLNjyKVlBS5Gqr5Y-2yw3kxztS8J7Puo532UTEXcgig_buZfPIbfeUUVXo8fg-0spnpKI472XjG4DOWnRLvKZMKHmrvyEb73ONONlqQcUC-GuRvf_c3NcM1rIMO3dtDATr6BJRzRf0ifkZz7cFvEOWzBgSOnj0hAEvBo5teXmhELtCdDmnJ_TY23_yQE8O4uY2nJywa3bnt9RBh_dA-BF4ajtw1S9uuKeB6FL26LB3oq0r3Hg4mYRyOhJgj1-deB3JsSuzU85h61Ez5xYXnaj0ySLjyLnmUg23Oxgmm5Jm5E8ao9LJJe80j-MpZQcKodujSAnwSGpJ-80UTrlWye-qYbr0FbOtdcMhBJ0SlSOsqw-Q2GYzowBR8Q0VVOJbRi9JHJWhEp29EBLi2uLbcbAihtbsV1m3zeFCOGipQ16TTSjwd_43TTUKHOh&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
10ab604da32f9f2537c6d0002a429cb347f226766ffa2d83e00ab4561d04cc78

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=Gf2wud6hu6_Zpkuwsg_0ZcZktNfxaZu3ZbV8GOjnZl2UpjkykLMn9_vUxlHxRHp90lvLashOJVah3ltmHlwJPEDuuF3isbYsyKkJbqDFSuS035dm9BJDT9i5kLISLEDqKhhZiIEI83GbUtaXWDtdV00chJFZW34lRBtP3JLDFE_w7K6dtlo-kdiT8FRMGM3wCUQ81qo7OfZL8xh6-0Tcs0kduzDjTxAv8kMzfvhPsq-DLNjyKVlBS5Gqr5Y-2yw3kxztS8J7Puo532UTEXcgig_buZfPIbfeUUVXo8fg-0spnpKI472XjG4DOWnRLvKZMKHmrvyEb73ONONlqQcUC-GuRvf_c3NcM1rIMO3dtDATr6BJRzRf0ifkZz7cFvEOWzBgSOnj0hAEvBo5teXmhELtCdDmnJ_TY23_yQE8O4uY2nJywa3bnt9RBh_dA-BF4ajtw1S9uuKeB6FL26LB3oq0r3Hg4mYRyOhJgj1-deB3JsSuzU85h61Ez5xYXnaj0ySLjyLnmUg23Oxgmm5Jm5E8ao9LJJe80j-MpZQcKodujSAnwSGpJ-80UTrlWye-qYbr0FbOtdcMhBJ0SlSOsqw-Q2GYzowBR8Q0VVOJbRi9JHJWhEp29EBLi2uLbcbAihtbsV1m3zeFCOGipQ16TTSjwd_43TTUKHOh&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAO; OXPCLK=AAHg4AAAAAAAAAAO; ppucnt=14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAP; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAP; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
ppucnt=15; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fb380a749bbeb9b0d6a8e5f29c485e051631480734&psp=Gf2wud6hu6_Zpkuwsg_0ZcZktNfxaZu3ZbV8GOjnZl2UpjkykLMn9_vUxlHxRHp90lvLashOJVah3ltmHlwJPEDuuF3isbYsyKkJbqDFSuS035dm9BJDT9i5kLISLEDqKhhZiIEI83GbUtaXWDtdV00chJFZW34lRBtP3JLDFE_w7K6dtlo-kdiT8FRMGM3wCUQ81qo7OfZL8xh6-0Tcs0kduzDjTxAv8kMzfvhPsq-DLNjyKVlBS5Gqr5Y-2yw3kxztS8J7Puo532UTEXcgig_buZfPIbfeUUVXo8fg-0spnpKI472XjG4DOWnRLvKZMKHmrvyEb73ONONlqQcUC-GuRvf_c3NcM1rIMO3dtDATr6BJRzRf0ifkZz7cFvEOWzBgSOnj0hAEvBo5teXmhELtCdDmnJ_TY23_yQE8O4uY2nJywa3bnt9RBh_dA-BF4ajtw1S9uuKeB6FL26LB3oq0r3Hg4mYRyOhJgj1-deB3JsSuzU85h61Ez5xYXnaj0ySLjyLnmUg23Oxgmm5Jm5E8ao9LJJe80j-MpZQcKodujSAnwSGpJ-80UTrlWye-qYbr0FbOtdcMhBJ0SlSOsqw-Q2GYzowBR8Q0VVOJbRi9JHJWhEp29EBLi2uLbcbAihtbsV1m3zeFCOGipQ16TTSjwd_43TTUKHOh&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593c085cd46544dc0ae695890da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
081632a722a7a6e2c4c673a950cb5d88867da37f3294c7cdce255c0f19a5a567

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAP; OXPCLK=AAHg4AAAAAAAAAAP; ppucnt=15

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAP; OXPCLK=AAHg4AAAAAAAAAAP; ppucnt=15
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=p5rILvkq6EL_eIgR9vwH51E6dWD0HwX-XZPk3fsVuIJft_wJh5R65c5bQf-p5Eac7OnskQUI2uaey6k1BSqDQJZ5EuxShSY4pUNS3TTKlGW4_a55oy643W6B9aLbxpqOU8maK_B8pE46VOqhvi1aonliSMsvo70zoXTBeJSRrgkpWjqzjbyh6k5SZh4CWG4kYADXWPR0Ha0rLP44f8p_AguQHc3SG3TMyWLL1qj2Yzu1xP1jZNxhD1GQVQh6kA6SIh7yVKFfXLvWw6pBEGvGzGGjuuXhhUdIplbOgVeeuy419bXwOHahMapO93dJ5cLTMLxEs7u5WGbqWD-mm5COwxSe74U9PMP1iGKgP8zunlyTS14ipGWoDRVwtcFaXWJUO7VQkDxX2krHDrUbPA8AyQwmytev2f_fFAa5cAAterWTb2iEID8PimKnohg7s4OpBfGpMvqu49FUhIRHo4Dr_GOs8Sm4MjxH2w7jQ8brAJCJYAzsyZcR1VbGEZbZ6ijXfNZQLGzPV6L82DIn6RtEiY4_8rhhpF1JsrvNVMM2mtJoUtcdXxVGY_tj_u9bkY3r9LagYYT9TPvXAEsWl9XdNT8Fu11-d0lczJTHPpO1t7RYSbC6uStEULUieIvXeKBqqAPdueTo9BqOku3IGNuUlIyn2IAGOxMVa4Pq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=p5rILvkq6EL_eIgR9vwH51E6dWD0HwX-XZPk3fsVuIJft_wJh5R65c5bQf-p5Eac7OnskQUI2uaey6k1BSqDQJZ5EuxShSY4pUNS3TTKlGW4_a55oy643W6B9aLbxpqOU8maK_B8pE46VOqhvi1aonliSMsvo70zoXTBeJSRrgkpWjqzjbyh6k5SZh4CWG4kYADXWPR0Ha0rLP44f8p_AguQHc3SG3TMyWLL1qj2Yzu1xP1jZNxhD1GQVQh6kA6SIh7yVKFfXLvWw6pBEGvGzGGjuuXhhUdIplbOgVeeuy419bXwOHahMapO93dJ5cLTMLxEs7u5WGbqWD-mm5COwxSe74U9PMP1iGKgP8zunlyTS14ipGWoDRVwtcFaXWJUO7VQkDxX2krHDrUbPA8AyQwmytev2f_fFAa5cAAterWTb2iEID8PimKnohg7s4OpBfGpMvqu49FUhIRHo4Dr_GOs8Sm4MjxH2w7jQ8brAJCJYAzsyZcR1VbGEZbZ6ijXfNZQLGzPV6L82DIn6RtEiY4_8rhhpF1JsrvNVMM2mtJoUtcdXxVGY_tj_u9bkY3r9LagYYT9TPvXAEsWl9XdNT8Fu11-d0lczJTHPpO1t7RYSbC6uStEULUieIvXeKBqqAPdueTo9BqOku3IGNuUlIyn2IAGOxMVa4Pq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAP; OXPCLK=AAHg4AAAAAAAAAAP; ppucnt=15

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAQ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAQ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
ppucnt=16; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=p5rILvkq6EL_eIgR9vwH51E6dWD0HwX-XZPk3fsVuIJft_wJh5R65c5bQf-p5Eac7OnskQUI2uaey6k1BSqDQJZ5EuxShSY4pUNS3TTKlGW4_a55oy643W6B9aLbxpqOU8maK_B8pE46VOqhvi1aonliSMsvo70zoXTBeJSRrgkpWjqzjbyh6k5SZh4CWG4kYADXWPR0Ha0rLP44f8p_AguQHc3SG3TMyWLL1qj2Yzu1xP1jZNxhD1GQVQh6kA6SIh7yVKFfXLvWw6pBEGvGzGGjuuXhhUdIplbOgVeeuy419bXwOHahMapO93dJ5cLTMLxEs7u5WGbqWD-mm5COwxSe74U9PMP1iGKgP8zunlyTS14ipGWoDRVwtcFaXWJUO7VQkDxX2krHDrUbPA8AyQwmytev2f_fFAa5cAAterWTb2iEID8PimKnohg7s4OpBfGpMvqu49FUhIRHo4Dr_GOs8Sm4MjxH2w7jQ8brAJCJYAzsyZcR1VbGEZbZ6ijXfNZQLGzPV6L82DIn6RtEiY4_8rhhpF1JsrvNVMM2mtJoUtcdXxVGY_tj_u9bkY3r9LagYYT9TPvXAEsWl9XdNT8Fu11-d0lczJTHPpO1t7RYSbC6uStEULUieIvXeKBqqAPdueTo9BqOku3IGNuUlIyn2IAGOxMVa4Pq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140516f4337ba30b4753907a767ce3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e33c59a37b0b1c83b99c6cb0e9c9c049c49e0a866ab23bd00c0123185557fb8e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAQ; OXPCLK=AAHg4AAAAAAAAAAQ; ppucnt=16

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAQ; OXPCLK=AAHg4AAAAAAAAAAQ; ppucnt=16
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=BU6SrI-OXvR5WZyhUVn5S8PIsoCJDYK4Byfcz85zSddIJ8RWigc-eb4eH4DbBNsPnmppbPnw3W9lsj2xH_hS6jujSyxuW-82rRsOtkMxFvDhomnJfIsvkkEdEKveGSbOo4kxVnz86Nc1IGhEi0oc-yvIuCx0RKA5eB_GYiernKCw2w71rFafJh4xisVYqdxGi_TNAgUS-H4v-GCPcW4LvEQ5clpJk7wc1LPqubdq2KDCd5tmd-sDx6rCoMiz7_YJZHF82QV7n4V0TXp8waelScq4HS1Y2dBUwUHCeotirPH53XGgCl7j84T6hrKzGci2a4cbpS3JzbR58MbcEMOZqXnPi_cIGikpJV7vQHtaC7jUETjgfNd7jH6IVDswTHscBD6wrNMt1JK-AhVL30dRmjOd-jV5LtcWTVK7bGxSfFSH4EC6IF5NyGqd3Ozh2CyYPXEFfohAxbz9tCZJnfSlbL-LfZrsuXGu7FAtJ-U8pqWX4rrDc1IQHy9ZVH9AzfJyrqO_xmZXTfrCfccumBrPEBQYtGGf5cI73v-BgRebuRrJTOUUCj1UxlJrKPimUAG74OI9sgFbqFO1jtg6VV5D6bkDZsH-kblBxEWiFM8fT18oTTXeeTQHXcnQ_164ICSpo4S0o4YhOhbeBPYxrgM5SswFmpQLDtoyfRmq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
024ba9048adfcef52563850ef064d008f52b134fb62d3771af4a665842719e45

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=BU6SrI-OXvR5WZyhUVn5S8PIsoCJDYK4Byfcz85zSddIJ8RWigc-eb4eH4DbBNsPnmppbPnw3W9lsj2xH_hS6jujSyxuW-82rRsOtkMxFvDhomnJfIsvkkEdEKveGSbOo4kxVnz86Nc1IGhEi0oc-yvIuCx0RKA5eB_GYiernKCw2w71rFafJh4xisVYqdxGi_TNAgUS-H4v-GCPcW4LvEQ5clpJk7wc1LPqubdq2KDCd5tmd-sDx6rCoMiz7_YJZHF82QV7n4V0TXp8waelScq4HS1Y2dBUwUHCeotirPH53XGgCl7j84T6hrKzGci2a4cbpS3JzbR58MbcEMOZqXnPi_cIGikpJV7vQHtaC7jUETjgfNd7jH6IVDswTHscBD6wrNMt1JK-AhVL30dRmjOd-jV5LtcWTVK7bGxSfFSH4EC6IF5NyGqd3Ozh2CyYPXEFfohAxbz9tCZJnfSlbL-LfZrsuXGu7FAtJ-U8pqWX4rrDc1IQHy9ZVH9AzfJyrqO_xmZXTfrCfccumBrPEBQYtGGf5cI73v-BgRebuRrJTOUUCj1UxlJrKPimUAG74OI9sgFbqFO1jtg6VV5D6bkDZsH-kblBxEWiFM8fT18oTTXeeTQHXcnQ_164ICSpo4S0o4YhOhbeBPYxrgM5SswFmpQLDtoyfRmq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAQ; OXPCLK=AAHg4AAAAAAAAAAQ; ppucnt=16

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAR; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAR; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
ppucnt=17; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=BU6SrI-OXvR5WZyhUVn5S8PIsoCJDYK4Byfcz85zSddIJ8RWigc-eb4eH4DbBNsPnmppbPnw3W9lsj2xH_hS6jujSyxuW-82rRsOtkMxFvDhomnJfIsvkkEdEKveGSbOo4kxVnz86Nc1IGhEi0oc-yvIuCx0RKA5eB_GYiernKCw2w71rFafJh4xisVYqdxGi_TNAgUS-H4v-GCPcW4LvEQ5clpJk7wc1LPqubdq2KDCd5tmd-sDx6rCoMiz7_YJZHF82QV7n4V0TXp8waelScq4HS1Y2dBUwUHCeotirPH53XGgCl7j84T6hrKzGci2a4cbpS3JzbR58MbcEMOZqXnPi_cIGikpJV7vQHtaC7jUETjgfNd7jH6IVDswTHscBD6wrNMt1JK-AhVL30dRmjOd-jV5LtcWTVK7bGxSfFSH4EC6IF5NyGqd3Ozh2CyYPXEFfohAxbz9tCZJnfSlbL-LfZrsuXGu7FAtJ-U8pqWX4rrDc1IQHy9ZVH9AzfJyrqO_xmZXTfrCfccumBrPEBQYtGGf5cI73v-BgRebuRrJTOUUCj1UxlJrKPimUAG74OI9sgFbqFO1jtg6VV5D6bkDZsH-kblBxEWiFM8fT18oTTXeeTQHXcnQ_164ICSpo4S0o4YhOhbeBPYxrgM5SswFmpQLDtoyfRmq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140534099f5cbbd24487a915c3c9ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b51bbb006f630070d3bfcfad074430fb430efc1460dbc205fe1a989ab68e160b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAR; OXPCLK=AAHg4AAAAAAAAAAR; ppucnt=17

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAR; OXPCLK=AAHg4AAAAAAAAAAR; ppucnt=17
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=7yBWNFvqe5lq61gHTS-0hjo3iXKj5Mp91Q97ObRQD7gGsXrzi8nEQ0n7fK4HV9OMp87goy-I_57vl5p3tDeRrDMLwba17JbN2aDgQJ9khxxgAsuGuClv0GvHP76_9DQxjbz8yEZ_p3nwQVphchBjMUdq35UjZNkJb0Ry-K72JpxOo5oUVTLEk7cGFDNY2rCeAo3wHqvRKNijwlYSxn6pG_b2zGhDc7ANRgPH9dyRrVJ5al10OMhfe_xdinKX3YCR56m1fB6fG73Rtkosp4da-8qDnd-UOFR4vmntRFOapp6blmhx_AsMhFIDF9Xvyt0alEUvCenBlzVbBfhUIR_kp_p1_2UnURa5lzqp2w5f5_mNYL4KNB3ULq8T8D5K2u5FbX79KpO0prOwbbM0RCK93yKy9OtUloZTbpPoz1hVsJ98qBe3ETOEsG7PAALhrlX7rARRW6MZqWwC2EIsmJAEe7ukawfLo1gtXFwZqH_neLNQD-FDf6_SAgk4h_gI4ch-11bNTF4NtbS4IZyUzt-5sXhTSfxWRpMNPp522pbFHy5ymsFrlylO_mBr0y7hvUA4uQI-DZSXGT5DEMmjQ5AjI5pd35y1Zhb-P9r7w1cT7_r9hGxiDvDf9HFz_RwXNKcCOgSvGgzqTbUkLyLRvrnrfhSYrB9kV3qL2i4d&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cdf237c9ff5d078fc466974b16ed1f3c3496a10c6733f5afcaad7bcd1846c2c5

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=7yBWNFvqe5lq61gHTS-0hjo3iXKj5Mp91Q97ObRQD7gGsXrzi8nEQ0n7fK4HV9OMp87goy-I_57vl5p3tDeRrDMLwba17JbN2aDgQJ9khxxgAsuGuClv0GvHP76_9DQxjbz8yEZ_p3nwQVphchBjMUdq35UjZNkJb0Ry-K72JpxOo5oUVTLEk7cGFDNY2rCeAo3wHqvRKNijwlYSxn6pG_b2zGhDc7ANRgPH9dyRrVJ5al10OMhfe_xdinKX3YCR56m1fB6fG73Rtkosp4da-8qDnd-UOFR4vmntRFOapp6blmhx_AsMhFIDF9Xvyt0alEUvCenBlzVbBfhUIR_kp_p1_2UnURa5lzqp2w5f5_mNYL4KNB3ULq8T8D5K2u5FbX79KpO0prOwbbM0RCK93yKy9OtUloZTbpPoz1hVsJ98qBe3ETOEsG7PAALhrlX7rARRW6MZqWwC2EIsmJAEe7ukawfLo1gtXFwZqH_neLNQD-FDf6_SAgk4h_gI4ch-11bNTF4NtbS4IZyUzt-5sXhTSfxWRpMNPp522pbFHy5ymsFrlylO_mBr0y7hvUA4uQI-DZSXGT5DEMmjQ5AjI5pd35y1Zhb-P9r7w1cT7_r9hGxiDvDf9HFz_RwXNKcCOgSvGgzqTbUkLyLRvrnrfhSYrB9kV3qL2i4d&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAR; OXPCLK=AAHg4AAAAAAAAAAR; ppucnt=17

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAS; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAS; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
ppucnt=18; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=7yBWNFvqe5lq61gHTS-0hjo3iXKj5Mp91Q97ObRQD7gGsXrzi8nEQ0n7fK4HV9OMp87goy-I_57vl5p3tDeRrDMLwba17JbN2aDgQJ9khxxgAsuGuClv0GvHP76_9DQxjbz8yEZ_p3nwQVphchBjMUdq35UjZNkJb0Ry-K72JpxOo5oUVTLEk7cGFDNY2rCeAo3wHqvRKNijwlYSxn6pG_b2zGhDc7ANRgPH9dyRrVJ5al10OMhfe_xdinKX3YCR56m1fB6fG73Rtkosp4da-8qDnd-UOFR4vmntRFOapp6blmhx_AsMhFIDF9Xvyt0alEUvCenBlzVbBfhUIR_kp_p1_2UnURa5lzqp2w5f5_mNYL4KNB3ULq8T8D5K2u5FbX79KpO0prOwbbM0RCK93yKy9OtUloZTbpPoz1hVsJ98qBe3ETOEsG7PAALhrlX7rARRW6MZqWwC2EIsmJAEe7ukawfLo1gtXFwZqH_neLNQD-FDf6_SAgk4h_gI4ch-11bNTF4NtbS4IZyUzt-5sXhTSfxWRpMNPp522pbFHy5ymsFrlylO_mBr0y7hvUA4uQI-DZSXGT5DEMmjQ5AjI5pd35y1Zhb-P9r7w1cT7_r9hGxiDvDf9HFz_RwXNKcCOgSvGgzqTbUkLyLRvrnrfhSYrB9kV3qL2i4d&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bdb70362ff7f4220a68347f281&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9accb4054437209ac05ca21b0d2722f8d9ec3fef5b46291e78df10c2e1a93b91

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAS; OXPCLK=AAHg4AAAAAAAAAAS; ppucnt=18
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAS; OXPCLK=AAHg4AAAAAAAAAAS; ppucnt=18
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=c8AkjWO4f52nH889hKGPiISws12-zhCWaUqJEtcj_0FiY_ihdu_ocSfukZ97aTFm65yHBvUxaDkMYBxzz3KVOtqpvhf8xrfkrQDKvD02-MmSHlcVad_OrQyNK4NCs5RwMHQP_LwjYYhVBOnXuib0y94s_JP2e7PguUvSIVBeEO1cKXOIOqsp7WdGFFQ3A6Fs-4BmBuE0rDs44ODjV75mp2kagiQRhpw9azMgYmEe7tx5ukrxBGp8MAyg5zljcgIlbEo_ADaVhuRBsQ34e8UUkHh6lxKQAZ3GLAdPhwmiiGyxGxzO3wSrMygYQrGF1fSpskr82txVwS1RyqngjLscggwJFgYgl3mqvZXFc5gOV3ckPQLGawwloA6uXCdcwQG0b2x4LyF8fzj0PJG6RgXdzcRk8VvM89G2ZaPt8lzzAUPkn66bE4YQv_taQtkIA3rTDE8l3OfzKmdcIitXRCNKTMnGTEm2o-sK3wC8iyBhw0akm99O_jXZI3ejxf85hZAKpIXrguGk4-jz8sZnWAlO16QzeA5ElzKq32qNuSVSOoeYojiP8pddcrYnqPyu0p-vAAgE3FHy47c9OlrnjaAajAhuzoN-eaEZFygyrAMuhve_fqPBh0JaIqBvB3xDmYGQDMBj7jZVG1DOY0CMiQZHEd8S2gWE7JK8kKWy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4efb07a5d26a8ac7f86568749d71003cd312bcf4e315093a38e70718e1ac7f85

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=c8AkjWO4f52nH889hKGPiISws12-zhCWaUqJEtcj_0FiY_ihdu_ocSfukZ97aTFm65yHBvUxaDkMYBxzz3KVOtqpvhf8xrfkrQDKvD02-MmSHlcVad_OrQyNK4NCs5RwMHQP_LwjYYhVBOnXuib0y94s_JP2e7PguUvSIVBeEO1cKXOIOqsp7WdGFFQ3A6Fs-4BmBuE0rDs44ODjV75mp2kagiQRhpw9azMgYmEe7tx5ukrxBGp8MAyg5zljcgIlbEo_ADaVhuRBsQ34e8UUkHh6lxKQAZ3GLAdPhwmiiGyxGxzO3wSrMygYQrGF1fSpskr82txVwS1RyqngjLscggwJFgYgl3mqvZXFc5gOV3ckPQLGawwloA6uXCdcwQG0b2x4LyF8fzj0PJG6RgXdzcRk8VvM89G2ZaPt8lzzAUPkn66bE4YQv_taQtkIA3rTDE8l3OfzKmdcIitXRCNKTMnGTEm2o-sK3wC8iyBhw0akm99O_jXZI3ejxf85hZAKpIXrguGk4-jz8sZnWAlO16QzeA5ElzKq32qNuSVSOoeYojiP8pddcrYnqPyu0p-vAAgE3FHy47c9OlrnjaAajAhuzoN-eaEZFygyrAMuhve_fqPBh0JaIqBvB3xDmYGQDMBj7jZVG1DOY0CMiQZHEd8S2gWE7JK8kKWy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAS; OXPCLK=AAHg4AAAAAAAAAAS; ppucnt=18
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAT; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAT; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
ppucnt=19; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:35 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=c8AkjWO4f52nH889hKGPiISws12-zhCWaUqJEtcj_0FiY_ihdu_ocSfukZ97aTFm65yHBvUxaDkMYBxzz3KVOtqpvhf8xrfkrQDKvD02-MmSHlcVad_OrQyNK4NCs5RwMHQP_LwjYYhVBOnXuib0y94s_JP2e7PguUvSIVBeEO1cKXOIOqsp7WdGFFQ3A6Fs-4BmBuE0rDs44ODjV75mp2kagiQRhpw9azMgYmEe7tx5ukrxBGp8MAyg5zljcgIlbEo_ADaVhuRBsQ34e8UUkHh6lxKQAZ3GLAdPhwmiiGyxGxzO3wSrMygYQrGF1fSpskr82txVwS1RyqngjLscggwJFgYgl3mqvZXFc5gOV3ckPQLGawwloA6uXCdcwQG0b2x4LyF8fzj0PJG6RgXdzcRk8VvM89G2ZaPt8lzzAUPkn66bE4YQv_taQtkIA3rTDE8l3OfzKmdcIitXRCNKTMnGTEm2o-sK3wC8iyBhw0akm99O_jXZI3ejxf85hZAKpIXrguGk4-jz8sZnWAlO16QzeA5ElzKq32qNuSVSOoeYojiP8pddcrYnqPyu0p-vAAgE3FHy47c9OlrnjaAajAhuzoN-eaEZFygyrAMuhve_fqPBh0JaIqBvB3xDmYGQDMBj7jZVG1DOY0CMiQZHEd8S2gWE7JK8kKWy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:35 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055b764fd65abe4a0f9a7817b28c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:35 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:35 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
14e6582235510ec78b8b46841e32b49fca9a29fdee2d16bab4ac80c275b2842a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAT; OXPCLK=AAHg4AAAAAAAAAAT; ppucnt=19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAT; OXPCLK=AAHg4AAAAAAAAAAT; ppucnt=19
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=DBRmu5nfn9dFRQfWQt5HLx0-qvF84qPuZyAKpEK6m7p9Wp7z8U7zAMBwSU-T1QARYC1FEz4GhmBwuIExZiUSI0qXAcBxSZVdWgGHD2SsaJa-J-TDvSpU-Ei2gPvX5dSZjeK_uz2ahNXWwtzYtA6vSA4fOIaQxvPVph2s4xpif-wontU3ehCelroTHoct2KDB18PIQh-Y6GzL3CQQ6koxoRc-BsZ7WgQRVpHlUGxlcp---e0DG9p3Fn-3NA2320_hfp_4rhBIUfZVtSTfly2QVRB43qLxTyDuzwgC_RoRzos8b-b3Ty9nwKjpLkgVNKBzlORfTFHIMO_m2A-G4yvKYo4O2c6BznHMp_P1bmBktlS_zjs8L5OamQ9Owe-bMcKjAHLjZeL28DAVT9M8NoxtjN5EJW_wZGqex9tluMfjjchb5uiU3SmJdZOiNI233ov6BG4n5IoSYTELF7pZWZ6HcG8bc9vCGhrg8B4j5tBSBhhd-52wY5zyetiYrDI3qHGBAhqMgb0aobvYUgqHsXBdq3K-nM6BAkDSzdzZfhbbulGFYvf5p7apyUKndCjPnOis60IdzNgjkPVyLyEJEk-PY7VvD_QYqyeE2Hdt_RGHEsgQb0KH3qpLn7CsULhLaykr8giKtL3i8Asx8yuNMvGsHdZqbX-lWouq4H_q&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7257fe417f613de7ee039c2082a50ef8bc6171edd06711d721dd58cfc1581274

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=DBRmu5nfn9dFRQfWQt5HLx0-qvF84qPuZyAKpEK6m7p9Wp7z8U7zAMBwSU-T1QARYC1FEz4GhmBwuIExZiUSI0qXAcBxSZVdWgGHD2SsaJa-J-TDvSpU-Ei2gPvX5dSZjeK_uz2ahNXWwtzYtA6vSA4fOIaQxvPVph2s4xpif-wontU3ehCelroTHoct2KDB18PIQh-Y6GzL3CQQ6koxoRc-BsZ7WgQRVpHlUGxlcp---e0DG9p3Fn-3NA2320_hfp_4rhBIUfZVtSTfly2QVRB43qLxTyDuzwgC_RoRzos8b-b3Ty9nwKjpLkgVNKBzlORfTFHIMO_m2A-G4yvKYo4O2c6BznHMp_P1bmBktlS_zjs8L5OamQ9Owe-bMcKjAHLjZeL28DAVT9M8NoxtjN5EJW_wZGqex9tluMfjjchb5uiU3SmJdZOiNI233ov6BG4n5IoSYTELF7pZWZ6HcG8bc9vCGhrg8B4j5tBSBhhd-52wY5zyetiYrDI3qHGBAhqMgb0aobvYUgqHsXBdq3K-nM6BAkDSzdzZfhbbulGFYvf5p7apyUKndCjPnOis60IdzNgjkPVyLyEJEk-PY7VvD_QYqyeE2Hdt_RGHEsgQb0KH3qpLn7CsULhLaykr8giKtL3i8Asx8yuNMvGsHdZqbX-lWouq4H_q&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAT; OXPCLK=AAHg4AAAAAAAAAAT; ppucnt=19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAU; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAU; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=20; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=b0266f4c633c6096dca898e8e7d090751631480735&psp=DBRmu5nfn9dFRQfWQt5HLx0-qvF84qPuZyAKpEK6m7p9Wp7z8U7zAMBwSU-T1QARYC1FEz4GhmBwuIExZiUSI0qXAcBxSZVdWgGHD2SsaJa-J-TDvSpU-Ei2gPvX5dSZjeK_uz2ahNXWwtzYtA6vSA4fOIaQxvPVph2s4xpif-wontU3ehCelroTHoct2KDB18PIQh-Y6GzL3CQQ6koxoRc-BsZ7WgQRVpHlUGxlcp---e0DG9p3Fn-3NA2320_hfp_4rhBIUfZVtSTfly2QVRB43qLxTyDuzwgC_RoRzos8b-b3Ty9nwKjpLkgVNKBzlORfTFHIMO_m2A-G4yvKYo4O2c6BznHMp_P1bmBktlS_zjs8L5OamQ9Owe-bMcKjAHLjZeL28DAVT9M8NoxtjN5EJW_wZGqex9tluMfjjchb5uiU3SmJdZOiNI233ov6BG4n5IoSYTELF7pZWZ6HcG8bc9vCGhrg8B4j5tBSBhhd-52wY5zyetiYrDI3qHGBAhqMgb0aobvYUgqHsXBdq3K-nM6BAkDSzdzZfhbbulGFYvf5p7apyUKndCjPnOis60IdzNgjkPVyLyEJEk-PY7VvD_QYqyeE2Hdt_RGHEsgQb0KH3qpLn7CsULhLaykr8giKtL3i8Asx8yuNMvGsHdZqbX-lWouq4H_q&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d8d66a1072f45b4aef6bbd08c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1e53cb77e082573cf29e5e247042ac1b3ab02ec4eb0a8494a9382a649e696f1b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAU; OXPCLK=AAHg4AAAAAAAAAAU; ppucnt=20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAU; OXPCLK=AAHg4AAAAAAAAAAU; ppucnt=20
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=mBUVD6jvHko2w1-i_kjlsh9fPgjj0HIia3umtrXVo8O99cHfDDSD1i47oIreqCFF05N93TIC6HYf2gBmsLKUsLBljOknRA47YsSMUBBG2b99lhgTO2ej4zdf9WRbyAyMhKbH3LdpG623d4qBAwzSuv4BYxrXm5Of3HKWP1oxZxypwxszZspYR1UMW0Vd4iSNjL87LP9Mnf4iFYUIzgJ2RnI4gzTGE6vhAvEc86DN2-wAu7RCjAuqQDU05oHDYXv1wLwXOWnQHwcreQOV4ylT53gWyrVdR-bwRYFoNTWXTvLSTBLSMVktvpL165mv84n7JzjylIr5bwHJemzOyQAJHacgkzQpRFIGqIf-StMtifKveB8oJ72wa8NnqYGfJok2v39q3sp40Xy5exdQ7BfpU9o40k-mPHgabnHdfNZbuDuxkTRfWk0AcVhTiB2a14eeL3aYZaBrhLmiV8BmTW1Zudh1hzAUrHgPDpTxd_cqxip-OzCxcP1LvP01qejfMDVkngsBtsu1qxg_kxnwSaER418_yA-_KYmx512J4pXOF_MBDaJzRwjoOTyaMinFw_rVcIweLw-JsenNqSBANxpcMxZJOmGm9pojq95AhrfuiOkB6OlAQ0fesvjdlrg8fzS8Xeuqni-dSiwPBXGYhgSwX37CgIkOQiWIam6M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
80abdbd276499dc693cd2bec00451e2187cd79a1d76c321f0ad0eff260e9d641

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=mBUVD6jvHko2w1-i_kjlsh9fPgjj0HIia3umtrXVo8O99cHfDDSD1i47oIreqCFF05N93TIC6HYf2gBmsLKUsLBljOknRA47YsSMUBBG2b99lhgTO2ej4zdf9WRbyAyMhKbH3LdpG623d4qBAwzSuv4BYxrXm5Of3HKWP1oxZxypwxszZspYR1UMW0Vd4iSNjL87LP9Mnf4iFYUIzgJ2RnI4gzTGE6vhAvEc86DN2-wAu7RCjAuqQDU05oHDYXv1wLwXOWnQHwcreQOV4ylT53gWyrVdR-bwRYFoNTWXTvLSTBLSMVktvpL165mv84n7JzjylIr5bwHJemzOyQAJHacgkzQpRFIGqIf-StMtifKveB8oJ72wa8NnqYGfJok2v39q3sp40Xy5exdQ7BfpU9o40k-mPHgabnHdfNZbuDuxkTRfWk0AcVhTiB2a14eeL3aYZaBrhLmiV8BmTW1Zudh1hzAUrHgPDpTxd_cqxip-OzCxcP1LvP01qejfMDVkngsBtsu1qxg_kxnwSaER418_yA-_KYmx512J4pXOF_MBDaJzRwjoOTyaMinFw_rVcIweLw-JsenNqSBANxpcMxZJOmGm9pojq95AhrfuiOkB6OlAQ0fesvjdlrg8fzS8Xeuqni-dSiwPBXGYhgSwX37CgIkOQiWIam6M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAU; OXPCLK=AAHg4AAAAAAAAAAU; ppucnt=20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAV; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAV; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=21; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=mBUVD6jvHko2w1-i_kjlsh9fPgjj0HIia3umtrXVo8O99cHfDDSD1i47oIreqCFF05N93TIC6HYf2gBmsLKUsLBljOknRA47YsSMUBBG2b99lhgTO2ej4zdf9WRbyAyMhKbH3LdpG623d4qBAwzSuv4BYxrXm5Of3HKWP1oxZxypwxszZspYR1UMW0Vd4iSNjL87LP9Mnf4iFYUIzgJ2RnI4gzTGE6vhAvEc86DN2-wAu7RCjAuqQDU05oHDYXv1wLwXOWnQHwcreQOV4ylT53gWyrVdR-bwRYFoNTWXTvLSTBLSMVktvpL165mv84n7JzjylIr5bwHJemzOyQAJHacgkzQpRFIGqIf-StMtifKveB8oJ72wa8NnqYGfJok2v39q3sp40Xy5exdQ7BfpU9o40k-mPHgabnHdfNZbuDuxkTRfWk0AcVhTiB2a14eeL3aYZaBrhLmiV8BmTW1Zudh1hzAUrHgPDpTxd_cqxip-OzCxcP1LvP01qejfMDVkngsBtsu1qxg_kxnwSaER418_yA-_KYmx512J4pXOF_MBDaJzRwjoOTyaMinFw_rVcIweLw-JsenNqSBANxpcMxZJOmGm9pojq95AhrfuiOkB6OlAQ0fesvjdlrg8fzS8Xeuqni-dSiwPBXGYhgSwX37CgIkOQiWIam6M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140550aca34b3fc347c28274ff75f6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c8f1f3f03e4f8b721348fc0206278355f4b978ed660263af422b8f27e5bf267d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAV; OXPCLK=AAHg4AAAAAAAAAAV; ppucnt=21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAV; OXPCLK=AAHg4AAAAAAAAAAV; ppucnt=21
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=tUXFT395Wbt3UkkayiK8Vsmrc083KcUBG6Pgrej8UdEvfLnTQFvdFS0Dua1QUN4fPrmb7IXy--aFOO5uwdf2viMFgvkvhd6VIFPGco4MWw4S6eDhqD-7I8ZMaL9sQsQBbJ2Nol2gD7f2nx2GKw5qApiF2_dVS7BITLhsY6SilR9JkIxujoEIfBqsKGlhkcN17WNZ5d8CfaQubjqzND2dqvO1xHmMkW-J8l6sYWl3LGIJ3stq6HTzbgp2mvpHpugwBUAyoIBlliIqyUCFAJCONXOhNwKypYILPXkID90JQ9BH7bjhDZTUV0TN9emgutIyQSzT0q5NDKst3OzCww6fmvtmwXcJO4NjPvU2O_oyVARDNdDKalJg63b-MhpH2cyc_q4rwWWDnZkxdwtWDGQBUY7Js_eKxCFRjlCwanaD2q_WHvyN60QBnV0iCz3mKU2IlFRcLZpowaJbeoiVvoCOYUTIgjF3Qzh40cLCVjY7qhxZEIrSkFeEl1PK9zxb1TmQNt6ghhuwtSut-Bivmx3IxFKVN4eRY3x4Yqx_kTwU7hIA9Srxg6j9E_rK3Rpdib0YI7I7GfA0Byq71LNgqNUPXe4OG8Qv6MgjCQqXabX1owAstSduROFU2MMmwQ9spkiGV8Id-J-HoulgeSqx9n4SJ-2D0BsPAZm3mISM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f1323a411cbf79a0d54bfe52f139ae9a0ea63287ab7b4a716c968ed69667ce2e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=tUXFT395Wbt3UkkayiK8Vsmrc083KcUBG6Pgrej8UdEvfLnTQFvdFS0Dua1QUN4fPrmb7IXy--aFOO5uwdf2viMFgvkvhd6VIFPGco4MWw4S6eDhqD-7I8ZMaL9sQsQBbJ2Nol2gD7f2nx2GKw5qApiF2_dVS7BITLhsY6SilR9JkIxujoEIfBqsKGlhkcN17WNZ5d8CfaQubjqzND2dqvO1xHmMkW-J8l6sYWl3LGIJ3stq6HTzbgp2mvpHpugwBUAyoIBlliIqyUCFAJCONXOhNwKypYILPXkID90JQ9BH7bjhDZTUV0TN9emgutIyQSzT0q5NDKst3OzCww6fmvtmwXcJO4NjPvU2O_oyVARDNdDKalJg63b-MhpH2cyc_q4rwWWDnZkxdwtWDGQBUY7Js_eKxCFRjlCwanaD2q_WHvyN60QBnV0iCz3mKU2IlFRcLZpowaJbeoiVvoCOYUTIgjF3Qzh40cLCVjY7qhxZEIrSkFeEl1PK9zxb1TmQNt6ghhuwtSut-Bivmx3IxFKVN4eRY3x4Yqx_kTwU7hIA9Srxg6j9E_rK3Rpdib0YI7I7GfA0Byq71LNgqNUPXe4OG8Qv6MgjCQqXabX1owAstSduROFU2MMmwQ9spkiGV8Id-J-HoulgeSqx9n4SJ-2D0BsPAZm3mISM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAV; OXPCLK=AAHg4AAAAAAAAAAV; ppucnt=21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAW; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAW; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=22; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=tUXFT395Wbt3UkkayiK8Vsmrc083KcUBG6Pgrej8UdEvfLnTQFvdFS0Dua1QUN4fPrmb7IXy--aFOO5uwdf2viMFgvkvhd6VIFPGco4MWw4S6eDhqD-7I8ZMaL9sQsQBbJ2Nol2gD7f2nx2GKw5qApiF2_dVS7BITLhsY6SilR9JkIxujoEIfBqsKGlhkcN17WNZ5d8CfaQubjqzND2dqvO1xHmMkW-J8l6sYWl3LGIJ3stq6HTzbgp2mvpHpugwBUAyoIBlliIqyUCFAJCONXOhNwKypYILPXkID90JQ9BH7bjhDZTUV0TN9emgutIyQSzT0q5NDKst3OzCww6fmvtmwXcJO4NjPvU2O_oyVARDNdDKalJg63b-MhpH2cyc_q4rwWWDnZkxdwtWDGQBUY7Js_eKxCFRjlCwanaD2q_WHvyN60QBnV0iCz3mKU2IlFRcLZpowaJbeoiVvoCOYUTIgjF3Qzh40cLCVjY7qhxZEIrSkFeEl1PK9zxb1TmQNt6ghhuwtSut-Bivmx3IxFKVN4eRY3x4Yqx_kTwU7hIA9Srxg6j9E_rK3Rpdib0YI7I7GfA0Byq71LNgqNUPXe4OG8Qv6MgjCQqXabX1owAstSduROFU2MMmwQ9spkiGV8Id-J-HoulgeSqx9n4SJ-2D0BsPAZm3mISM&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140593579678dc6f4108a29c5814f5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
899c20783a3d4006212939ad26e423af2268c882fb6ae2af0deed32b1ba6053d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAW; OXPCLK=AAHg4AAAAAAAAAAW; ppucnt=22
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAW; OXPCLK=AAHg4AAAAAAAAAAW; ppucnt=22
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=cGpS_jrYPwEpmyErUvIReveuWacyBJYbLtfi_tDrb6oxT1Q3eB8f2whPyHhQPeTrFKYp4VODcUiVq4GoB01gQNNin865oM9Hs5Ygux0FG228_SdgTotvFW8-fMVHOoQxQxUMpTkfx_v4P_h38PrxPpYGAepaLEIoL4A8OpZC0WUTfAOitm5IUVrV8qR4QyFqxAPGecbZVIb5jHl98OBsZOIUbhImjb8BXL8-ybjhxuucCO2xay248CqgztSgd5GXq2UJpcwn91qirA66J2xS0n8cMXlF_49ntZTTdXBA5tHioJ0EA7zij91mfyyoVgUT0dMdEmKVwfnfy3CYDBiYzRmwxFwZbW-9Ri_55Ewgyar_8RAXZl9d5cVVH3PJo4bIjFimaYYKFWpUGdZGaoU0PQ7JySAK81rOnloQCqrROTbohbIcZxGi4Uumrc04HoGWuEGhCTg-zJkse89HhBQ9tp7z7FwlnW01ePaz_LfzolHvfkBhHo378KDanglg41563bVFXdNo0dRyvoTxSuTUSvUYfUVP9T2Ip3H_xr2PNnJHsr9BTNMlK3CONODWPuMKWv3p1NbrB8uxXNDAxOiwtmr_1GxtOdG2xyjSJQELYGJBiaFBoUM0Te1wLihXjVduuwdiDrDQuQU3U-w60Wte4L8b6PtEuwXwMma_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
466cd7def5f799efc9908036d69f48304005d22544175bd0310b6aa0a280b015

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=cGpS_jrYPwEpmyErUvIReveuWacyBJYbLtfi_tDrb6oxT1Q3eB8f2whPyHhQPeTrFKYp4VODcUiVq4GoB01gQNNin865oM9Hs5Ygux0FG228_SdgTotvFW8-fMVHOoQxQxUMpTkfx_v4P_h38PrxPpYGAepaLEIoL4A8OpZC0WUTfAOitm5IUVrV8qR4QyFqxAPGecbZVIb5jHl98OBsZOIUbhImjb8BXL8-ybjhxuucCO2xay248CqgztSgd5GXq2UJpcwn91qirA66J2xS0n8cMXlF_49ntZTTdXBA5tHioJ0EA7zij91mfyyoVgUT0dMdEmKVwfnfy3CYDBiYzRmwxFwZbW-9Ri_55Ewgyar_8RAXZl9d5cVVH3PJo4bIjFimaYYKFWpUGdZGaoU0PQ7JySAK81rOnloQCqrROTbohbIcZxGi4Uumrc04HoGWuEGhCTg-zJkse89HhBQ9tp7z7FwlnW01ePaz_LfzolHvfkBhHo378KDanglg41563bVFXdNo0dRyvoTxSuTUSvUYfUVP9T2Ip3H_xr2PNnJHsr9BTNMlK3CONODWPuMKWv3p1NbrB8uxXNDAxOiwtmr_1GxtOdG2xyjSJQELYGJBiaFBoUM0Te1wLihXjVduuwdiDrDQuQU3U-w60Wte4L8b6PtEuwXwMma_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAW; OXPCLK=AAHg4AAAAAAAAAAW; ppucnt=22
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAX; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAX; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=23; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=cGpS_jrYPwEpmyErUvIReveuWacyBJYbLtfi_tDrb6oxT1Q3eB8f2whPyHhQPeTrFKYp4VODcUiVq4GoB01gQNNin865oM9Hs5Ygux0FG228_SdgTotvFW8-fMVHOoQxQxUMpTkfx_v4P_h38PrxPpYGAepaLEIoL4A8OpZC0WUTfAOitm5IUVrV8qR4QyFqxAPGecbZVIb5jHl98OBsZOIUbhImjb8BXL8-ybjhxuucCO2xay248CqgztSgd5GXq2UJpcwn91qirA66J2xS0n8cMXlF_49ntZTTdXBA5tHioJ0EA7zij91mfyyoVgUT0dMdEmKVwfnfy3CYDBiYzRmwxFwZbW-9Ri_55Ewgyar_8RAXZl9d5cVVH3PJo4bIjFimaYYKFWpUGdZGaoU0PQ7JySAK81rOnloQCqrROTbohbIcZxGi4Uumrc04HoGWuEGhCTg-zJkse89HhBQ9tp7z7FwlnW01ePaz_LfzolHvfkBhHo378KDanglg41563bVFXdNo0dRyvoTxSuTUSvUYfUVP9T2Ip3H_xr2PNnJHsr9BTNMlK3CONODWPuMKWv3p1NbrB8uxXNDAxOiwtmr_1GxtOdG2xyjSJQELYGJBiaFBoUM0Te1wLihXjVduuwdiDrDQuQU3U-w60Wte4L8b6PtEuwXwMma_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140586f72db7d7924293afc2e8edaf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b5292d46616a2655389f351e9a7b02dac47c141050cc147b5f46fec4516734fd

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAX; OXPCLK=AAHg4AAAAAAAAAAX; ppucnt=23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAX; OXPCLK=AAHg4AAAAAAAAAAX; ppucnt=23
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=W2XS8uNkVRi_D_o1o3xUPNckM4Jv_PXuB0jeHRlbkPIWsX2GYiQ1cjL0mZzWkT7Xo6NmGoJnKaW7sb_u3XXT959RHNJfH7MdXKPSjkOCSbnA9c739PKoqLDMapHKWx7XwJ9veiK4T43cl_8YaWjcCZXzPSdZbCgJ9fzXux9xPh8loQ__BDPIrdg1Px_DKo_TRAFaHVA7x_gXqxPveUfUbANsctyFBQR5fnma-iiaUfKU12UtkIXlqy6QSdyq8YblOiq0IZxu8MoZ5aCGk73rlhXFBQOJUc2B0MoxfHRu-kcxVM1vrzP2S4cvHbzqvsUCRCK7ddW6dMhQmyjBy55hi1mNFxtxjnrjDbFQ-cWEMQe3jLL-WtEjCbyXw8Lhgrmy6WOQWNWNcCFdsAM9hgFoRtyHSxzPOrS85lR_ofuCp4rCgkLv9eCcgUz_7NWI2f729mCcI4RnoDHyedGOkhAYVzb10gilEcl5HT6spdKTbtyrTVb1k8H1T43LOYa3BpBpr_flWszhVqRagNS3VPl1xZBHD87mKtS1oGWSgLSQW9p-YTTHo0J3suNta9cqKCoszhgLqxXCUJUdDvTKPS7IkfTygs1ohpoRrQxxCrJ9vyNC1vBtBjMT-Ye_qPTGgC66GpNd27uQfUrnGGDeRwtxi2O6_N4pUtCtqbhI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9eea27020684a1c908b7c71797682b7e61eff1e1326ae133bff631e2b1e766f9

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=W2XS8uNkVRi_D_o1o3xUPNckM4Jv_PXuB0jeHRlbkPIWsX2GYiQ1cjL0mZzWkT7Xo6NmGoJnKaW7sb_u3XXT959RHNJfH7MdXKPSjkOCSbnA9c739PKoqLDMapHKWx7XwJ9veiK4T43cl_8YaWjcCZXzPSdZbCgJ9fzXux9xPh8loQ__BDPIrdg1Px_DKo_TRAFaHVA7x_gXqxPveUfUbANsctyFBQR5fnma-iiaUfKU12UtkIXlqy6QSdyq8YblOiq0IZxu8MoZ5aCGk73rlhXFBQOJUc2B0MoxfHRu-kcxVM1vrzP2S4cvHbzqvsUCRCK7ddW6dMhQmyjBy55hi1mNFxtxjnrjDbFQ-cWEMQe3jLL-WtEjCbyXw8Lhgrmy6WOQWNWNcCFdsAM9hgFoRtyHSxzPOrS85lR_ofuCp4rCgkLv9eCcgUz_7NWI2f729mCcI4RnoDHyedGOkhAYVzb10gilEcl5HT6spdKTbtyrTVb1k8H1T43LOYa3BpBpr_flWszhVqRagNS3VPl1xZBHD87mKtS1oGWSgLSQW9p-YTTHo0J3suNta9cqKCoszhgLqxXCUJUdDvTKPS7IkfTygs1ohpoRrQxxCrJ9vyNC1vBtBjMT-Ye_qPTGgC66GpNd27uQfUrnGGDeRwtxi2O6_N4pUtCtqbhI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAX; OXPCLK=AAHg4AAAAAAAAAAX; ppucnt=23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAY; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAY; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=24; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=W2XS8uNkVRi_D_o1o3xUPNckM4Jv_PXuB0jeHRlbkPIWsX2GYiQ1cjL0mZzWkT7Xo6NmGoJnKaW7sb_u3XXT959RHNJfH7MdXKPSjkOCSbnA9c739PKoqLDMapHKWx7XwJ9veiK4T43cl_8YaWjcCZXzPSdZbCgJ9fzXux9xPh8loQ__BDPIrdg1Px_DKo_TRAFaHVA7x_gXqxPveUfUbANsctyFBQR5fnma-iiaUfKU12UtkIXlqy6QSdyq8YblOiq0IZxu8MoZ5aCGk73rlhXFBQOJUc2B0MoxfHRu-kcxVM1vrzP2S4cvHbzqvsUCRCK7ddW6dMhQmyjBy55hi1mNFxtxjnrjDbFQ-cWEMQe3jLL-WtEjCbyXw8Lhgrmy6WOQWNWNcCFdsAM9hgFoRtyHSxzPOrS85lR_ofuCp4rCgkLv9eCcgUz_7NWI2f729mCcI4RnoDHyedGOkhAYVzb10gilEcl5HT6spdKTbtyrTVb1k8H1T43LOYa3BpBpr_flWszhVqRagNS3VPl1xZBHD87mKtS1oGWSgLSQW9p-YTTHo0J3suNta9cqKCoszhgLqxXCUJUdDvTKPS7IkfTygs1ohpoRrQxxCrJ9vyNC1vBtBjMT-Ye_qPTGgC66GpNd27uQfUrnGGDeRwtxi2O6_N4pUtCtqbhI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c1b23246f8eb40df8784078faf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
15d4062fe3c06f6b6ef11cbb564926f947051eddd624a7b65acc6ded9e6dad8e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAY; OXPCLK=AAHg4AAAAAAAAAAY; ppucnt=24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAY; OXPCLK=AAHg4AAAAAAAAAAY; ppucnt=24
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=i3jPbnt8vbL5VC_rFPOquyF2P0K43QDg0qY3iN-Vue1ZbGfulbnVWzL430hd3oxPE3vKv9dpINkhfhV-kqU2O8FBfWXOky4ls7weBfP6t6tE3F0zWfIOAdE2FkwSoZidcQKfqizGHD5m-HiEVcE_ztSmkk35X0FmFfqJGZE7kQMItm8Pzh2tv3Iu8wk566lUP6w7mA0nGdvYxWr33wCeamAhl43WqmIMDpVzHRqlJMtMo-wnl4Bc6nGUeUMb33lNfLFbTD1mijR3xe2WETIoo7UbwBL1qxjyt7qJP7W8k4KoSc9DrIXEFEc8VLZ5EEg0kwiEgYJ2wAzLdjkrCqKamsonzvjhDYZMwXh0R9fIjoeuDZ3LfxQdTfqujAtOx_APFLQalfzlyRz1m09ZMMvvoVQFiT-0LH4WD8TRZ_N6FZlSmqEP_WV2JW50Gj7Eok558UF27_v9WKFxMybGTlGOjnyZLRW9HKc2pRFGpoYS-I4zx2FL8amMbVJpWCDz-ILdS0cbbXD8mpaL07UuWoycvZL-MFtjoQXRcYhbem8vQGZxDrb7PJN--_u6CvujeXLelhTkjCEZbEdghGh1N-T7AMatTQB4fZtPV9CdEAF653gqL72zZPameZkhgmMvzSoHcsOC1gl7hFyUZDF53SpCtTsDB8qwBoN3FhrB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d7964f413f8a502100c0cb272545557288d930a61600aded028b1a7e8fa73053

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=i3jPbnt8vbL5VC_rFPOquyF2P0K43QDg0qY3iN-Vue1ZbGfulbnVWzL430hd3oxPE3vKv9dpINkhfhV-kqU2O8FBfWXOky4ls7weBfP6t6tE3F0zWfIOAdE2FkwSoZidcQKfqizGHD5m-HiEVcE_ztSmkk35X0FmFfqJGZE7kQMItm8Pzh2tv3Iu8wk566lUP6w7mA0nGdvYxWr33wCeamAhl43WqmIMDpVzHRqlJMtMo-wnl4Bc6nGUeUMb33lNfLFbTD1mijR3xe2WETIoo7UbwBL1qxjyt7qJP7W8k4KoSc9DrIXEFEc8VLZ5EEg0kwiEgYJ2wAzLdjkrCqKamsonzvjhDYZMwXh0R9fIjoeuDZ3LfxQdTfqujAtOx_APFLQalfzlyRz1m09ZMMvvoVQFiT-0LH4WD8TRZ_N6FZlSmqEP_WV2JW50Gj7Eok558UF27_v9WKFxMybGTlGOjnyZLRW9HKc2pRFGpoYS-I4zx2FL8amMbVJpWCDz-ILdS0cbbXD8mpaL07UuWoycvZL-MFtjoQXRcYhbem8vQGZxDrb7PJN--_u6CvujeXLelhTkjCEZbEdghGh1N-T7AMatTQB4fZtPV9CdEAF653gqL72zZPameZkhgmMvzSoHcsOC1gl7hFyUZDF53SpCtTsDB8qwBoN3FhrB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAY; OXPCLK=AAHg4AAAAAAAAAAY; ppucnt=24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAZ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAZ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=25; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=i3jPbnt8vbL5VC_rFPOquyF2P0K43QDg0qY3iN-Vue1ZbGfulbnVWzL430hd3oxPE3vKv9dpINkhfhV-kqU2O8FBfWXOky4ls7weBfP6t6tE3F0zWfIOAdE2FkwSoZidcQKfqizGHD5m-HiEVcE_ztSmkk35X0FmFfqJGZE7kQMItm8Pzh2tv3Iu8wk566lUP6w7mA0nGdvYxWr33wCeamAhl43WqmIMDpVzHRqlJMtMo-wnl4Bc6nGUeUMb33lNfLFbTD1mijR3xe2WETIoo7UbwBL1qxjyt7qJP7W8k4KoSc9DrIXEFEc8VLZ5EEg0kwiEgYJ2wAzLdjkrCqKamsonzvjhDYZMwXh0R9fIjoeuDZ3LfxQdTfqujAtOx_APFLQalfzlyRz1m09ZMMvvoVQFiT-0LH4WD8TRZ_N6FZlSmqEP_WV2JW50Gj7Eok558UF27_v9WKFxMybGTlGOjnyZLRW9HKc2pRFGpoYS-I4zx2FL8amMbVJpWCDz-ILdS0cbbXD8mpaL07UuWoycvZL-MFtjoQXRcYhbem8vQGZxDrb7PJN--_u6CvujeXLelhTkjCEZbEdghGh1N-T7AMatTQB4fZtPV9CdEAF653gqL72zZPameZkhgmMvzSoHcsOC1gl7hFyUZDF53SpCtTsDB8qwBoN3FhrB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057168826a0c9d476a8c1117b646&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1f180c086d09b3593f290adc3455911d6c313bf78f60ca62525619fe49fb8888

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAZ; OXPCLK=AAHg4AAAAAAAAAAZ; ppucnt=25
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAZ; OXPCLK=AAHg4AAAAAAAAAAZ; ppucnt=25
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=gtbom_-5xZRqGuSV5TBpimA6FtkFh3mnDMpX-zwUTsLw97nbVjX7RidWucR9xAsluoG8nezO_k_gayfi8OCbRM8JacnWYTJtWRJ25pqJi4ElA5CEfjgFVucfEIOTDjD71tXvL99wehylG4sKkDWpHwKUfalZ17NwydX8jrqzQjcooFqX8u2IhEn35tCGr04jBGvBty6JfQSHVdvBNt2co_XS1WNTYPZKMvmkzValWSxuzoTP2lQvH_4lNeNnxnqowY9LwVKOafPjbQ9e92DPqZYTREPPs0yaL2WmFrAEX2kNM6Yi0y1ySZ3Pf51YcQoVMyoOuUdwR9H--NdR7MYGgYKW2UUAXmlccO2b2ti6a_KTe2LxxfM1l-HDfFOZvOpaDtUBX38jWrmKZKvUlwiA__GX83u3DT-ryldO6-GfHKfSt6jGG0ngTc33dNebPcSiiAwHjENGBwuE-jrOVCGutmy8jC0Sdnk_VWF30rx6f6Y01rw4yhcgHpFB2Mcp5sedHH_fJIqgKxUz7_8kdwTT-GwgTUIMZN2f93gqchis3xJYCwBApIX1yIY1We3G2EyNHAfCk9xtyiQPBvQhcAlHZlNq2sgGIxyxWCUlR_h8xItRd-vCc1SXpYBzYqkqzeGlECY8Tqt6y7akKkmB1uHhVh_HZzCK7jcjIzvU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
353df5216c9e650dd49a6b4146dc437030f3a53effd2d05603ce0178d30458e9

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=gtbom_-5xZRqGuSV5TBpimA6FtkFh3mnDMpX-zwUTsLw97nbVjX7RidWucR9xAsluoG8nezO_k_gayfi8OCbRM8JacnWYTJtWRJ25pqJi4ElA5CEfjgFVucfEIOTDjD71tXvL99wehylG4sKkDWpHwKUfalZ17NwydX8jrqzQjcooFqX8u2IhEn35tCGr04jBGvBty6JfQSHVdvBNt2co_XS1WNTYPZKMvmkzValWSxuzoTP2lQvH_4lNeNnxnqowY9LwVKOafPjbQ9e92DPqZYTREPPs0yaL2WmFrAEX2kNM6Yi0y1ySZ3Pf51YcQoVMyoOuUdwR9H--NdR7MYGgYKW2UUAXmlccO2b2ti6a_KTe2LxxfM1l-HDfFOZvOpaDtUBX38jWrmKZKvUlwiA__GX83u3DT-ryldO6-GfHKfSt6jGG0ngTc33dNebPcSiiAwHjENGBwuE-jrOVCGutmy8jC0Sdnk_VWF30rx6f6Y01rw4yhcgHpFB2Mcp5sedHH_fJIqgKxUz7_8kdwTT-GwgTUIMZN2f93gqchis3xJYCwBApIX1yIY1We3G2EyNHAfCk9xtyiQPBvQhcAlHZlNq2sgGIxyxWCUlR_h8xItRd-vCc1SXpYBzYqkqzeGlECY8Tqt6y7akKkmB1uHhVh_HZzCK7jcjIzvU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAZ; OXPCLK=AAHg4AAAAAAAAAAZ; ppucnt=25
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAa; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAa; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=26; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=gtbom_-5xZRqGuSV5TBpimA6FtkFh3mnDMpX-zwUTsLw97nbVjX7RidWucR9xAsluoG8nezO_k_gayfi8OCbRM8JacnWYTJtWRJ25pqJi4ElA5CEfjgFVucfEIOTDjD71tXvL99wehylG4sKkDWpHwKUfalZ17NwydX8jrqzQjcooFqX8u2IhEn35tCGr04jBGvBty6JfQSHVdvBNt2co_XS1WNTYPZKMvmkzValWSxuzoTP2lQvH_4lNeNnxnqowY9LwVKOafPjbQ9e92DPqZYTREPPs0yaL2WmFrAEX2kNM6Yi0y1ySZ3Pf51YcQoVMyoOuUdwR9H--NdR7MYGgYKW2UUAXmlccO2b2ti6a_KTe2LxxfM1l-HDfFOZvOpaDtUBX38jWrmKZKvUlwiA__GX83u3DT-ryldO6-GfHKfSt6jGG0ngTc33dNebPcSiiAwHjENGBwuE-jrOVCGutmy8jC0Sdnk_VWF30rx6f6Y01rw4yhcgHpFB2Mcp5sedHH_fJIqgKxUz7_8kdwTT-GwgTUIMZN2f93gqchis3xJYCwBApIX1yIY1We3G2EyNHAfCk9xtyiQPBvQhcAlHZlNq2sgGIxyxWCUlR_h8xItRd-vCc1SXpYBzYqkqzeGlECY8Tqt6y7akKkmB1uHhVh_HZzCK7jcjIzvU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:36 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405391668a0a626472d853106c72e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:36 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0872868ce23908675b093eef11a9b4ba0de990af8c9c444ffd2da92792578c49

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAa; OXPCLK=AAHg4AAAAAAAAAAa; ppucnt=26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAa; OXPCLK=AAHg4AAAAAAAAAAa; ppucnt=26
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=4a_dZkoHvN55cPLGJf7VlWZkqI70YJHIQK-6bx-y64qArT_-8frSRrk_CHzApeYJc34fp-M-nfLqORMmAEdgNcVqLwKeTFEOqC7cARNtIAkOt1I04dj7IgNzzgF-wtHsr03qYzxYxai2TqKif30LWfULtJAUh7zF6YeSPihh_MySuWs0SBzuEUlPJ6rjuW3tMOaV3FbFIQD2UsqLOrsY8jAR5MU9SdE_LuAron7-OdhqTXWMVcGnIRTDiSN0dwuXOPPUy0PzFxUQ5EIXYnETou7xy6uGayIPpB9aIFAhMthjiSfdrKwBnvV_FN-HmZclm54mFCD06nvSYFwfgpGqvXO2Gx5T7W1joJXzzSMetgiVdBSHf7nihH8iRmu115kW-Ta9mRavAVYWy62DlPEb-P4cVdunHb66IAC_W_7U6IcDeV1TcXQflwsktF_3WBjbSIYN3XNE2l5usLQPNg1BJBd3NzfW2FNJ4LG8ce5NSsyMrfT0klYzPVJiqvQShpSHf4f8IinzGx6ovFJkq1d_hG8np6-I6UUzHiIaYnyF6IHluYZy1ygIWFF6yPWvB6KxzD--UjcOaQneriMQlqMe1NvMmrH2lgtPY_vsMoCt-cgWLbi5fYVZWMpR7r8sfz3giPxzEDShJSx0QGOmyXrHZPGVTbdQN9lWmkJQ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=4a_dZkoHvN55cPLGJf7VlWZkqI70YJHIQK-6bx-y64qArT_-8frSRrk_CHzApeYJc34fp-M-nfLqORMmAEdgNcVqLwKeTFEOqC7cARNtIAkOt1I04dj7IgNzzgF-wtHsr03qYzxYxai2TqKif30LWfULtJAUh7zF6YeSPihh_MySuWs0SBzuEUlPJ6rjuW3tMOaV3FbFIQD2UsqLOrsY8jAR5MU9SdE_LuAron7-OdhqTXWMVcGnIRTDiSN0dwuXOPPUy0PzFxUQ5EIXYnETou7xy6uGayIPpB9aIFAhMthjiSfdrKwBnvV_FN-HmZclm54mFCD06nvSYFwfgpGqvXO2Gx5T7W1joJXzzSMetgiVdBSHf7nihH8iRmu115kW-Ta9mRavAVYWy62DlPEb-P4cVdunHb66IAC_W_7U6IcDeV1TcXQflwsktF_3WBjbSIYN3XNE2l5usLQPNg1BJBd3NzfW2FNJ4LG8ce5NSsyMrfT0klYzPVJiqvQShpSHf4f8IinzGx6ovFJkq1d_hG8np6-I6UUzHiIaYnyF6IHluYZy1ygIWFF6yPWvB6KxzD--UjcOaQneriMQlqMe1NvMmrH2lgtPY_vsMoCt-cgWLbi5fYVZWMpR7r8sfz3giPxzEDShJSx0QGOmyXrHZPGVTbdQN9lWmkJQ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAa; OXPCLK=AAHg4AAAAAAAAAAa; ppucnt=26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:36 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAb; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAb; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
ppucnt=27; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:36 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=682c84ea4a85b393399afaf976566caf1631480736&psp=4a_dZkoHvN55cPLGJf7VlWZkqI70YJHIQK-6bx-y64qArT_-8frSRrk_CHzApeYJc34fp-M-nfLqORMmAEdgNcVqLwKeTFEOqC7cARNtIAkOt1I04dj7IgNzzgF-wtHsr03qYzxYxai2TqKif30LWfULtJAUh7zF6YeSPihh_MySuWs0SBzuEUlPJ6rjuW3tMOaV3FbFIQD2UsqLOrsY8jAR5MU9SdE_LuAron7-OdhqTXWMVcGnIRTDiSN0dwuXOPPUy0PzFxUQ5EIXYnETou7xy6uGayIPpB9aIFAhMthjiSfdrKwBnvV_FN-HmZclm54mFCD06nvSYFwfgpGqvXO2Gx5T7W1joJXzzSMetgiVdBSHf7nihH8iRmu115kW-Ta9mRavAVYWy62DlPEb-P4cVdunHb66IAC_W_7U6IcDeV1TcXQflwsktF_3WBjbSIYN3XNE2l5usLQPNg1BJBd3NzfW2FNJ4LG8ce5NSsyMrfT0klYzPVJiqvQShpSHf4f8IinzGx6ovFJkq1d_hG8np6-I6UUzHiIaYnyF6IHluYZy1ygIWFF6yPWvB6KxzD--UjcOaQneriMQlqMe1NvMmrH2lgtPY_vsMoCt-cgWLbi5fYVZWMpR7r8sfz3giPxzEDShJSx0QGOmyXrHZPGVTbdQN9lWmkJQ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405473f91058ca94c84a0669dfc9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e0785982c0626b11715fd495dda033407dbbf789cbac334e0512ac06d9733e51

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAb; OXPCLK=AAHg4AAAAAAAAAAb; ppucnt=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAb; OXPCLK=AAHg4AAAAAAAAAAb; ppucnt=27
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=Xeb_T5PO0CyO4MXpRIs9rbU_0ahzLRxLeB-obIEw-_66d79Qwejt2AnErLBBrDLVP49ieNNB1yJCWqlkB3I6N8m-4lOGFYm0c1McpGWKzrjH-mOwVN--LxLxQuhVYe2lXIbbRP32HMP8qId56sRXlYmUmskBh2CYHkoWL6ZBAgzx-6DquszrPBnaLjjaaZbR7IZrcfYrFOJPcg8XjAg9cWDw82pzsk_LGrlZpYfwopFTevZiN2mdlt5Yia4GjA4V_YXJgZ-bQf0HvFje-I5qGnUAUPutIFa-W4Txxu6fa3a0etiQObco8_yfNb8flOvkxIQc2MLwTpUgbEbPZVWt_iD07OpkZQBUpMV1qVnJrLAwLG37mBhvay1ZSprdRg8dHnC_NIXguxROBSPrvUJRX2TpQ3LwLII5cgkjtlT8qrC0cRAqXuZsLKovcQAfqeSe1VHHQ5XkMddGb4HwxVxjDUlzy84RyRLfYv20eN2Obr_-nq4Vo7FYqtGIp1bSLE45vOB8jGSmAJXtaqC5vtXGMVYYA_8nY-TZXPY6eiNmQjZIAhh5Hz6GUF0hWuoKf5V_177dqPgnrHm8ie234nsSsbibLlwerxRKH-znmJVFH1Vgaq4mPRsBiPRB7XtBXmcrNU7SAj26Aom_NZdJXxECxk92CXC1N4Uzh9eO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
80e3a171eb120606d8f35cea91d14c370fa1ce15622d0c26a79615df40e1f5a1

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=Xeb_T5PO0CyO4MXpRIs9rbU_0ahzLRxLeB-obIEw-_66d79Qwejt2AnErLBBrDLVP49ieNNB1yJCWqlkB3I6N8m-4lOGFYm0c1McpGWKzrjH-mOwVN--LxLxQuhVYe2lXIbbRP32HMP8qId56sRXlYmUmskBh2CYHkoWL6ZBAgzx-6DquszrPBnaLjjaaZbR7IZrcfYrFOJPcg8XjAg9cWDw82pzsk_LGrlZpYfwopFTevZiN2mdlt5Yia4GjA4V_YXJgZ-bQf0HvFje-I5qGnUAUPutIFa-W4Txxu6fa3a0etiQObco8_yfNb8flOvkxIQc2MLwTpUgbEbPZVWt_iD07OpkZQBUpMV1qVnJrLAwLG37mBhvay1ZSprdRg8dHnC_NIXguxROBSPrvUJRX2TpQ3LwLII5cgkjtlT8qrC0cRAqXuZsLKovcQAfqeSe1VHHQ5XkMddGb4HwxVxjDUlzy84RyRLfYv20eN2Obr_-nq4Vo7FYqtGIp1bSLE45vOB8jGSmAJXtaqC5vtXGMVYYA_8nY-TZXPY6eiNmQjZIAhh5Hz6GUF0hWuoKf5V_177dqPgnrHm8ie234nsSsbibLlwerxRKH-znmJVFH1Vgaq4mPRsBiPRB7XtBXmcrNU7SAj26Aom_NZdJXxECxk92CXC1N4Uzh9eO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAb; OXPCLK=AAHg4AAAAAAAAAAb; ppucnt=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAc; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAc; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=28; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=Xeb_T5PO0CyO4MXpRIs9rbU_0ahzLRxLeB-obIEw-_66d79Qwejt2AnErLBBrDLVP49ieNNB1yJCWqlkB3I6N8m-4lOGFYm0c1McpGWKzrjH-mOwVN--LxLxQuhVYe2lXIbbRP32HMP8qId56sRXlYmUmskBh2CYHkoWL6ZBAgzx-6DquszrPBnaLjjaaZbR7IZrcfYrFOJPcg8XjAg9cWDw82pzsk_LGrlZpYfwopFTevZiN2mdlt5Yia4GjA4V_YXJgZ-bQf0HvFje-I5qGnUAUPutIFa-W4Txxu6fa3a0etiQObco8_yfNb8flOvkxIQc2MLwTpUgbEbPZVWt_iD07OpkZQBUpMV1qVnJrLAwLG37mBhvay1ZSprdRg8dHnC_NIXguxROBSPrvUJRX2TpQ3LwLII5cgkjtlT8qrC0cRAqXuZsLKovcQAfqeSe1VHHQ5XkMddGb4HwxVxjDUlzy84RyRLfYv20eN2Obr_-nq4Vo7FYqtGIp1bSLE45vOB8jGSmAJXtaqC5vtXGMVYYA_8nY-TZXPY6eiNmQjZIAhh5Hz6GUF0hWuoKf5V_177dqPgnrHm8ie234nsSsbibLlwerxRKH-znmJVFH1Vgaq4mPRsBiPRB7XtBXmcrNU7SAj26Aom_NZdJXxECxk92CXC1N4Uzh9eO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405243ee337a17f4be38f80c4d00e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ce0400a69da856578e7b2dad8de7aaa9e56bdb30ca256e16824eb21526ec82c6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAc; OXPCLK=AAHg4AAAAAAAAAAc; ppucnt=28
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAc; OXPCLK=AAHg4AAAAAAAAAAc; ppucnt=28
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=rTOuSdJImFDVSJYPWT0EXRRvp4WoJEA21rCksq0CftD4qPsSTgj9dKNUzwL5ErVr_PqqvfV1hkH_7e_VNsxNmw3FWJciBnwHzpKdl9PF8b57B6l7_i67js14biZ-sDbiBxUb5sV8GowT8g7QJUukLOSbYc4P4Cv6R4iqV6oBvQqaCgYNSuyLe-h2AsGdvUSJ4F-4P-F-qiMnPAMgZ5x9GTbATNs2Blx_hVjGQK6DQA8_yPDkyGRO4Bsd_P74Osr-cPoit9UOeylCvXps8XgkIRH9_HEsYdm1t3fQ2b12XFEYIgy1vAA8QmwQzNC5n8EmaOPUJxvB9YitIxF6w0RL0PH1343bcm9XHOG8PiOLCvr0btyx_z5lsksHHswrOW7Ly9Tutk68oFVIAl7mRJgoOAzMZuI3H63qB5cuCTu39hTvVSSrryGByJgd1xpDZyQPgy97zttDtjwGrofz2dqiHsIvqV49HwucMWxO3fT-5t1l3xF339s2VPPmQx5lIGEku8K8ecRKI2-9CbQ__FnozQpUU9gv-yFkxhAuTvQsIMgG6GtUXeWJT0sz2hYN4K7RHfD1_Ih5cv8q5FiWAX-nT44pJJZ8-NyPlSb-UGSlPmtycW6Ms8P-aCO-rzQdHvsN5ADHC47vgHva37nk0qH4H5jRmjT4GZBSR3xl&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=rTOuSdJImFDVSJYPWT0EXRRvp4WoJEA21rCksq0CftD4qPsSTgj9dKNUzwL5ErVr_PqqvfV1hkH_7e_VNsxNmw3FWJciBnwHzpKdl9PF8b57B6l7_i67js14biZ-sDbiBxUb5sV8GowT8g7QJUukLOSbYc4P4Cv6R4iqV6oBvQqaCgYNSuyLe-h2AsGdvUSJ4F-4P-F-qiMnPAMgZ5x9GTbATNs2Blx_hVjGQK6DQA8_yPDkyGRO4Bsd_P74Osr-cPoit9UOeylCvXps8XgkIRH9_HEsYdm1t3fQ2b12XFEYIgy1vAA8QmwQzNC5n8EmaOPUJxvB9YitIxF6w0RL0PH1343bcm9XHOG8PiOLCvr0btyx_z5lsksHHswrOW7Ly9Tutk68oFVIAl7mRJgoOAzMZuI3H63qB5cuCTu39hTvVSSrryGByJgd1xpDZyQPgy97zttDtjwGrofz2dqiHsIvqV49HwucMWxO3fT-5t1l3xF339s2VPPmQx5lIGEku8K8ecRKI2-9CbQ__FnozQpUU9gv-yFkxhAuTvQsIMgG6GtUXeWJT0sz2hYN4K7RHfD1_Ih5cv8q5FiWAX-nT44pJJZ8-NyPlSb-UGSlPmtycW6Ms8P-aCO-rzQdHvsN5ADHC47vgHva37nk0qH4H5jRmjT4GZBSR3xl&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAc; OXPCLK=AAHg4AAAAAAAAAAc; ppucnt=28
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAd; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAd; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=29; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=rTOuSdJImFDVSJYPWT0EXRRvp4WoJEA21rCksq0CftD4qPsSTgj9dKNUzwL5ErVr_PqqvfV1hkH_7e_VNsxNmw3FWJciBnwHzpKdl9PF8b57B6l7_i67js14biZ-sDbiBxUb5sV8GowT8g7QJUukLOSbYc4P4Cv6R4iqV6oBvQqaCgYNSuyLe-h2AsGdvUSJ4F-4P-F-qiMnPAMgZ5x9GTbATNs2Blx_hVjGQK6DQA8_yPDkyGRO4Bsd_P74Osr-cPoit9UOeylCvXps8XgkIRH9_HEsYdm1t3fQ2b12XFEYIgy1vAA8QmwQzNC5n8EmaOPUJxvB9YitIxF6w0RL0PH1343bcm9XHOG8PiOLCvr0btyx_z5lsksHHswrOW7Ly9Tutk68oFVIAl7mRJgoOAzMZuI3H63qB5cuCTu39hTvVSSrryGByJgd1xpDZyQPgy97zttDtjwGrofz2dqiHsIvqV49HwucMWxO3fT-5t1l3xF339s2VPPmQx5lIGEku8K8ecRKI2-9CbQ__FnozQpUU9gv-yFkxhAuTvQsIMgG6GtUXeWJT0sz2hYN4K7RHfD1_Ih5cv8q5FiWAX-nT44pJJZ8-NyPlSb-UGSlPmtycW6Ms8P-aCO-rzQdHvsN5ADHC47vgHva37nk0qH4H5jRmjT4GZBSR3xl&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051afd4aa1068448c1b8c910fd2c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1834d5e34e447d49d10fd7de4ae6b80c9cb38f7b206c3115fef9f12efbb36a65

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAd; OXPCLK=AAHg4AAAAAAAAAAd; ppucnt=29
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAd; OXPCLK=AAHg4AAAAAAAAAAd; ppucnt=29
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=9ChVhENbNi1saeKVRGAlJOCC9aJ3Q2EJWC9c4lfD5O3yHfWlToDPTIE1_BcrUsPHYgBFwp_2sjBGVL26zNLSdBoGWFzZV7iUlmzI9zScXjEtW6Z78-xCjzF9WPvNo3fuKZqw25acvcArCDmZWFmmwoO_hzdJwN8ClEIddavkSYfFxdziBmrgsaXvlafFlwfRoYvV5fAw4Ik_rL2vbdLQPH2MBJ-mLi6etd5VAm9isHL4R4Av1DkOuQ71bWNVexgkzx1ts47NXbUf1iq_Ffhhx_nwuHQ1l-Sy6aZ5NBzNk2hjl87KN7oGn_XkN66XGNeS29DJj1sfDSE1TrvI7TbUPHI_VpWwr4vIh5M3P95Dok6XA_Rxv77MVA1z6TUW5VTqbPaUNdeHyu8E8MXl63bI7y1n_osRjcuW0EyjvkeRtfUl6IArNLXmK7jZmCo-kb1Gn491Vx2By8dSt4o1KdJ0OzK35XQmcQgmuMGbrD5aQiyWManGimFBQKV0OtRI5C_bBjZFv9qwTX2bN3mtgBH7PNNlFktSnPKXQXg5sDrJDn26XtplezBJZ_aips85UOqfhjpZqGXMSgCwLmS5a1nEErp94nsCGqcP2MTCuIEtdmDjST2a8BwJ3VCDbFMwIRk1OMvWKHWRWgaa_eYrXxTkC91RAAFpcFol9hLX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=9ChVhENbNi1saeKVRGAlJOCC9aJ3Q2EJWC9c4lfD5O3yHfWlToDPTIE1_BcrUsPHYgBFwp_2sjBGVL26zNLSdBoGWFzZV7iUlmzI9zScXjEtW6Z78-xCjzF9WPvNo3fuKZqw25acvcArCDmZWFmmwoO_hzdJwN8ClEIddavkSYfFxdziBmrgsaXvlafFlwfRoYvV5fAw4Ik_rL2vbdLQPH2MBJ-mLi6etd5VAm9isHL4R4Av1DkOuQ71bWNVexgkzx1ts47NXbUf1iq_Ffhhx_nwuHQ1l-Sy6aZ5NBzNk2hjl87KN7oGn_XkN66XGNeS29DJj1sfDSE1TrvI7TbUPHI_VpWwr4vIh5M3P95Dok6XA_Rxv77MVA1z6TUW5VTqbPaUNdeHyu8E8MXl63bI7y1n_osRjcuW0EyjvkeRtfUl6IArNLXmK7jZmCo-kb1Gn491Vx2By8dSt4o1KdJ0OzK35XQmcQgmuMGbrD5aQiyWManGimFBQKV0OtRI5C_bBjZFv9qwTX2bN3mtgBH7PNNlFktSnPKXQXg5sDrJDn26XtplezBJZ_aips85UOqfhjpZqGXMSgCwLmS5a1nEErp94nsCGqcP2MTCuIEtdmDjST2a8BwJ3VCDbFMwIRk1OMvWKHWRWgaa_eYrXxTkC91RAAFpcFol9hLX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAd; OXPCLK=AAHg4AAAAAAAAAAd; ppucnt=29
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAe; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAe; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=30; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=9ChVhENbNi1saeKVRGAlJOCC9aJ3Q2EJWC9c4lfD5O3yHfWlToDPTIE1_BcrUsPHYgBFwp_2sjBGVL26zNLSdBoGWFzZV7iUlmzI9zScXjEtW6Z78-xCjzF9WPvNo3fuKZqw25acvcArCDmZWFmmwoO_hzdJwN8ClEIddavkSYfFxdziBmrgsaXvlafFlwfRoYvV5fAw4Ik_rL2vbdLQPH2MBJ-mLi6etd5VAm9isHL4R4Av1DkOuQ71bWNVexgkzx1ts47NXbUf1iq_Ffhhx_nwuHQ1l-Sy6aZ5NBzNk2hjl87KN7oGn_XkN66XGNeS29DJj1sfDSE1TrvI7TbUPHI_VpWwr4vIh5M3P95Dok6XA_Rxv77MVA1z6TUW5VTqbPaUNdeHyu8E8MXl63bI7y1n_osRjcuW0EyjvkeRtfUl6IArNLXmK7jZmCo-kb1Gn491Vx2By8dSt4o1KdJ0OzK35XQmcQgmuMGbrD5aQiyWManGimFBQKV0OtRI5C_bBjZFv9qwTX2bN3mtgBH7PNNlFktSnPKXQXg5sDrJDn26XtplezBJZ_aips85UOqfhjpZqGXMSgCwLmS5a1nEErp94nsCGqcP2MTCuIEtdmDjST2a8BwJ3VCDbFMwIRk1OMvWKHWRWgaa_eYrXxTkC91RAAFpcFol9hLX&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405422133eb55f1456f990a6f2bf1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2407632202f1a6f717161efc1634cefd48f2b7a73494627e23557afb68912ef7

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAe; OXPCLK=AAHg4AAAAAAAAAAe; ppucnt=30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAe; OXPCLK=AAHg4AAAAAAAAAAe; ppucnt=30
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=zjMkh4ZCKn6crF-0XTJBj__qehrYNTu5uUkgfhAI3IRxasnc4ovi9svHYqr35oL3wMzIpP8QgxmqXOKAybsuBE0A0msCi-4lTEZK2DchACfczS0KAbrZ0-QBpQmMAgQORM2-nWgOmLN8yZczIUSUb41QGYE2fA-noorvH3CHHid1qyImupyVKEfstAtJ6Sd6QN-LZtl9TizhTv15qrVdMTL2WlVWICTTgcqQ6ZBIM-dQ0iQjQ3cxTePHlIR2boGBRtbTDQEOO7CTRaMcCbU7Pg5tCZ_FQAU_7Z5Hpcbl_jcs-cdfbs_PmhRNz5mpfaVOgRECfa9il05g9nLHunqFcOoxyepGZIuLjRKQ7B3eN6U1izjmNXX4igzZbCX9VYnMqijK3ghkClY0q-IX9AyrU3GocUO067eqdfxyWueCpkgA76dEBToxYTKlOGzttmnyv5mxkAvHFKVot18Cx-pbBJjNnShrrCDUJCR3btuQ4WM9ixEDNDJzPkeEA7Ezb_32DGw_Fk5I5fNQpIJ34KBEaD-wcbUwC4K4UmuB-zKhWBeLpFPKArSVjdUaczVqq6dznvUCwZDqs9_fgs_MAr2oHvxL1uckOsMeZ5qdSagvJ1ovNoHfneVdiiHAOjQdP5tJjMaqSH1SpTapalOJLwBc42_fTTAjh2wvpDiK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e1080484ce1089c5b0dcec62202e7dcca58f8c70763027395b98d9dd7eed1d69

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=zjMkh4ZCKn6crF-0XTJBj__qehrYNTu5uUkgfhAI3IRxasnc4ovi9svHYqr35oL3wMzIpP8QgxmqXOKAybsuBE0A0msCi-4lTEZK2DchACfczS0KAbrZ0-QBpQmMAgQORM2-nWgOmLN8yZczIUSUb41QGYE2fA-noorvH3CHHid1qyImupyVKEfstAtJ6Sd6QN-LZtl9TizhTv15qrVdMTL2WlVWICTTgcqQ6ZBIM-dQ0iQjQ3cxTePHlIR2boGBRtbTDQEOO7CTRaMcCbU7Pg5tCZ_FQAU_7Z5Hpcbl_jcs-cdfbs_PmhRNz5mpfaVOgRECfa9il05g9nLHunqFcOoxyepGZIuLjRKQ7B3eN6U1izjmNXX4igzZbCX9VYnMqijK3ghkClY0q-IX9AyrU3GocUO067eqdfxyWueCpkgA76dEBToxYTKlOGzttmnyv5mxkAvHFKVot18Cx-pbBJjNnShrrCDUJCR3btuQ4WM9ixEDNDJzPkeEA7Ezb_32DGw_Fk5I5fNQpIJ34KBEaD-wcbUwC4K4UmuB-zKhWBeLpFPKArSVjdUaczVqq6dznvUCwZDqs9_fgs_MAr2oHvxL1uckOsMeZ5qdSagvJ1ovNoHfneVdiiHAOjQdP5tJjMaqSH1SpTapalOJLwBc42_fTTAjh2wvpDiK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAe; OXPCLK=AAHg4AAAAAAAAAAe; ppucnt=30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAf; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAf; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=31; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=zjMkh4ZCKn6crF-0XTJBj__qehrYNTu5uUkgfhAI3IRxasnc4ovi9svHYqr35oL3wMzIpP8QgxmqXOKAybsuBE0A0msCi-4lTEZK2DchACfczS0KAbrZ0-QBpQmMAgQORM2-nWgOmLN8yZczIUSUb41QGYE2fA-noorvH3CHHid1qyImupyVKEfstAtJ6Sd6QN-LZtl9TizhTv15qrVdMTL2WlVWICTTgcqQ6ZBIM-dQ0iQjQ3cxTePHlIR2boGBRtbTDQEOO7CTRaMcCbU7Pg5tCZ_FQAU_7Z5Hpcbl_jcs-cdfbs_PmhRNz5mpfaVOgRECfa9il05g9nLHunqFcOoxyepGZIuLjRKQ7B3eN6U1izjmNXX4igzZbCX9VYnMqijK3ghkClY0q-IX9AyrU3GocUO067eqdfxyWueCpkgA76dEBToxYTKlOGzttmnyv5mxkAvHFKVot18Cx-pbBJjNnShrrCDUJCR3btuQ4WM9ixEDNDJzPkeEA7Ezb_32DGw_Fk5I5fNQpIJ34KBEaD-wcbUwC4K4UmuB-zKhWBeLpFPKArSVjdUaczVqq6dznvUCwZDqs9_fgs_MAr2oHvxL1uckOsMeZ5qdSagvJ1ovNoHfneVdiiHAOjQdP5tJjMaqSH1SpTapalOJLwBc42_fTTAjh2wvpDiK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d18b70f5e84f4baaae5db69e56&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3c68f88ed486e0ea5bfbc4a65fd2ef4f26da99e3b382affe27c45c6dff25c22a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAf; OXPCLK=AAHg4AAAAAAAAAAf; ppucnt=31
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAf; OXPCLK=AAHg4AAAAAAAAAAf; ppucnt=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=-IceoGKbb0uLhbyx5WYRYKqd5oQHdaSlFde173P90vEVVJgWgeDIkrg-hU5-qxOgGsYuRG6mAf4yfO-emSDjvaqEoDtjMQsmJ-QPIzK_9qkCcPpfO8Dq44Bkw2L_sefAEsc3jV7-7wuoqDD8sOE7icTmGjhhCRH8N_WprSgc0sexlSpf3YrXLcqtXHkTDpNGxxZrOS3V-DLdbZ0U-9IHu0iOVHlVXz6Ez0au28wxChnk2-5-TTVtVmGaHj4gALspo7Ps7Vf9dEzMGm-ugWMlvXzSRv3Y5k9wAc0QADTxHuH6z138UILyz8EC33bRqtcqEQtfyR7j0hSFPO18BPHUafioiO1NV8e-7ypqTyaKormtlzKVvGcRQaNL4oe4zO4afwgZOO7lsVCh0qKurSj8dJ5KWakIHJP8AjbkiqcbwD0EK5QukYHSsu9D0NL5qXwgmrY0nsPzgJ9lqEuLUJP8QyGy4_MjN3aF0EVm9H4232tqlCDwxg7wH1MfPLgIoWylmNlhTsBDOo5gCI9rBlG3itqh-H3TNNnYjeQeKh6aOKjG-0bCteurhmBxs1mOpBbBHt2oAjwULm89WDqpBv428mWuWi25re1csNAQbyFv6EAXZHtbq_Jp_HwJNTAPUn-F0zeEVjqJZjWlDd-OYnIn-vvEQB5QJJhq2b9s&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
99656ece73788e271b13f3dac71b0c2a92921b4b63a9e004e8097e54bb40a2d5

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=-IceoGKbb0uLhbyx5WYRYKqd5oQHdaSlFde173P90vEVVJgWgeDIkrg-hU5-qxOgGsYuRG6mAf4yfO-emSDjvaqEoDtjMQsmJ-QPIzK_9qkCcPpfO8Dq44Bkw2L_sefAEsc3jV7-7wuoqDD8sOE7icTmGjhhCRH8N_WprSgc0sexlSpf3YrXLcqtXHkTDpNGxxZrOS3V-DLdbZ0U-9IHu0iOVHlVXz6Ez0au28wxChnk2-5-TTVtVmGaHj4gALspo7Ps7Vf9dEzMGm-ugWMlvXzSRv3Y5k9wAc0QADTxHuH6z138UILyz8EC33bRqtcqEQtfyR7j0hSFPO18BPHUafioiO1NV8e-7ypqTyaKormtlzKVvGcRQaNL4oe4zO4afwgZOO7lsVCh0qKurSj8dJ5KWakIHJP8AjbkiqcbwD0EK5QukYHSsu9D0NL5qXwgmrY0nsPzgJ9lqEuLUJP8QyGy4_MjN3aF0EVm9H4232tqlCDwxg7wH1MfPLgIoWylmNlhTsBDOo5gCI9rBlG3itqh-H3TNNnYjeQeKh6aOKjG-0bCteurhmBxs1mOpBbBHt2oAjwULm89WDqpBv428mWuWi25re1csNAQbyFv6EAXZHtbq_Jp_HwJNTAPUn-F0zeEVjqJZjWlDd-OYnIn-vvEQB5QJJhq2b9s&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAf; OXPCLK=AAHg4AAAAAAAAAAf; ppucnt=31
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAg; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAg; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=32; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=-IceoGKbb0uLhbyx5WYRYKqd5oQHdaSlFde173P90vEVVJgWgeDIkrg-hU5-qxOgGsYuRG6mAf4yfO-emSDjvaqEoDtjMQsmJ-QPIzK_9qkCcPpfO8Dq44Bkw2L_sefAEsc3jV7-7wuoqDD8sOE7icTmGjhhCRH8N_WprSgc0sexlSpf3YrXLcqtXHkTDpNGxxZrOS3V-DLdbZ0U-9IHu0iOVHlVXz6Ez0au28wxChnk2-5-TTVtVmGaHj4gALspo7Ps7Vf9dEzMGm-ugWMlvXzSRv3Y5k9wAc0QADTxHuH6z138UILyz8EC33bRqtcqEQtfyR7j0hSFPO18BPHUafioiO1NV8e-7ypqTyaKormtlzKVvGcRQaNL4oe4zO4afwgZOO7lsVCh0qKurSj8dJ5KWakIHJP8AjbkiqcbwD0EK5QukYHSsu9D0NL5qXwgmrY0nsPzgJ9lqEuLUJP8QyGy4_MjN3aF0EVm9H4232tqlCDwxg7wH1MfPLgIoWylmNlhTsBDOo5gCI9rBlG3itqh-H3TNNnYjeQeKh6aOKjG-0bCteurhmBxs1mOpBbBHt2oAjwULm89WDqpBv428mWuWi25re1csNAQbyFv6EAXZHtbq_Jp_HwJNTAPUn-F0zeEVjqJZjWlDd-OYnIn-vvEQB5QJJhq2b9s&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dad355c080f64bac99d49be463&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
375a60aae0a92c76b6af0e13069a70eb000fd5751ae115fd3c5eb3fc2abe5289

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAg; OXPCLK=AAHg4AAAAAAAAAAg; ppucnt=32
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAg; OXPCLK=AAHg4AAAAAAAAAAg; ppucnt=32
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=X_EfDCD9WEDtIfc-yCft32rp78mlnKoHW4NLz8FbxewX-W5p9-PXd1ZtlDUzdoFyjaGIJ6lTWyahB_lHowuX-Uf9cMkGLY2aG8Q41QZdDBwTboriWZVcQ3Oj80AA3hnxCFVMl5CK6hC9sXqjj_YMWRUYeRBSkIc1e-t-_CJAE7khG3beWSUq_bGUXQe2xpeVxanMdMgN2N5ojJa2p5-47AzWAPWkg1ijgiUW4EBmaLUH6vcgQuQw6jnEBSEdeIBI9cBUHgHoP_j70X41jIk5ww7lV4sLVn8IzHiQr1arimPmtozG_mFcPMhe2hab6bNukTh2PCbb6FK5fArvAZpFA7k1DqIpX8M1Wjq54pYwF4mCdR2vWOv5MyqWC4LDJLjdqTXKjJ9QG5icv2bCqdkT234jD1xc1nXs6YnMGhJ2qkTajLKDrK-WaKujPI6Aw7zO1K9jiONHsKm3DgYSNmUdRL2FGlfAZf3RJmMB9VAxB6y_LS97JjYIIsQWZNZGgb06IgVebwuEXYnMXYc0JVER9WhUWMv1etFbSTBdlc8PsmbPt_EjTv_EGbo3xSbOEqwLIdGaVmkoDvRPHM_cPEVxyfuGYFzTbGWwfYK4wI8A1pl9y_TIPwkFsOkelT883krpwhHq5YM_V5jexURP8u5xR8qNt13QPMz55FF_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b882ebdc697223afd2bb73ce627ca928d8b5d9878151375e27c3b951850c912e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=X_EfDCD9WEDtIfc-yCft32rp78mlnKoHW4NLz8FbxewX-W5p9-PXd1ZtlDUzdoFyjaGIJ6lTWyahB_lHowuX-Uf9cMkGLY2aG8Q41QZdDBwTboriWZVcQ3Oj80AA3hnxCFVMl5CK6hC9sXqjj_YMWRUYeRBSkIc1e-t-_CJAE7khG3beWSUq_bGUXQe2xpeVxanMdMgN2N5ojJa2p5-47AzWAPWkg1ijgiUW4EBmaLUH6vcgQuQw6jnEBSEdeIBI9cBUHgHoP_j70X41jIk5ww7lV4sLVn8IzHiQr1arimPmtozG_mFcPMhe2hab6bNukTh2PCbb6FK5fArvAZpFA7k1DqIpX8M1Wjq54pYwF4mCdR2vWOv5MyqWC4LDJLjdqTXKjJ9QG5icv2bCqdkT234jD1xc1nXs6YnMGhJ2qkTajLKDrK-WaKujPI6Aw7zO1K9jiONHsKm3DgYSNmUdRL2FGlfAZf3RJmMB9VAxB6y_LS97JjYIIsQWZNZGgb06IgVebwuEXYnMXYc0JVER9WhUWMv1etFbSTBdlc8PsmbPt_EjTv_EGbo3xSbOEqwLIdGaVmkoDvRPHM_cPEVxyfuGYFzTbGWwfYK4wI8A1pl9y_TIPwkFsOkelT883krpwhHq5YM_V5jexURP8u5xR8qNt13QPMz55FF_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAg; OXPCLK=AAHg4AAAAAAAAAAg; ppucnt=32
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAh; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAh; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=33; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=X_EfDCD9WEDtIfc-yCft32rp78mlnKoHW4NLz8FbxewX-W5p9-PXd1ZtlDUzdoFyjaGIJ6lTWyahB_lHowuX-Uf9cMkGLY2aG8Q41QZdDBwTboriWZVcQ3Oj80AA3hnxCFVMl5CK6hC9sXqjj_YMWRUYeRBSkIc1e-t-_CJAE7khG3beWSUq_bGUXQe2xpeVxanMdMgN2N5ojJa2p5-47AzWAPWkg1ijgiUW4EBmaLUH6vcgQuQw6jnEBSEdeIBI9cBUHgHoP_j70X41jIk5ww7lV4sLVn8IzHiQr1arimPmtozG_mFcPMhe2hab6bNukTh2PCbb6FK5fArvAZpFA7k1DqIpX8M1Wjq54pYwF4mCdR2vWOv5MyqWC4LDJLjdqTXKjJ9QG5icv2bCqdkT234jD1xc1nXs6YnMGhJ2qkTajLKDrK-WaKujPI6Aw7zO1K9jiONHsKm3DgYSNmUdRL2FGlfAZf3RJmMB9VAxB6y_LS97JjYIIsQWZNZGgb06IgVebwuEXYnMXYc0JVER9WhUWMv1etFbSTBdlc8PsmbPt_EjTv_EGbo3xSbOEqwLIdGaVmkoDvRPHM_cPEVxyfuGYFzTbGWwfYK4wI8A1pl9y_TIPwkFsOkelT883krpwhHq5YM_V5jexURP8u5xR8qNt13QPMz55FF_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059f3856c0f3ce419b9ed1f0fa8b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5503fbc0a7206746bb3e4e7358b03a51ca07e216fa81adc59320ccde78a23d64

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAh; OXPCLK=AAHg4AAAAAAAAAAh; ppucnt=33
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAh; OXPCLK=AAHg4AAAAAAAAAAh; ppucnt=33
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=f5p_6ngS3Bh4GY_lxe3BAvj47kvIKqzyDi_ul7mLSxljInzqwAmLxlNf9_vX9ozSGZUQNHhAFsh5y3kSNAMoEzkS-GJq3BVZ_-5TFpIRE518J7siRWWmgvS3XatK1eXUQhMk59Jkwgv5Bw8Cvdx-8QcgmaaOCmlYBH8_zfOWonltS7kXTMA2jVvF-QYbt9jRH8oaS069Uc2LA67NCNEujmhGmHUes7020UyrF4U6D5PlWTEzr4dyCxhmNE8qoKcMg1YYCOfoFDo31nkvWasfLArOBrxrMa8WQndAsfQ9Q3UYCbYmHPPD4MoRvdHDCSDCJ5hsQOkk3McCYIxpzqT4-NeXf1DEYhJ_F_jXM5geOJ03R_Iudh1-6Uu3PpYpfK2108fhXrTi8M6uXz_tbtBB0p_hzIxsn7zIzeI8UxD6uVGuh1ncbXMmAi2-gN0JLFxoq1ckW7_fL3euwiAvKnY-Dkt5tpVYdEw_ltXStVbnYvlXWOpKq-XH_c8Fvf4ertGs81lOk1-LDF01lvWO8WY7ofOLfyl5EzRx8tz2DD3C1JyjG8cmOUshshZlZj7Da8HaxVQ1UqPnfUKnvVLOTpj5czGFkToAJbsSzmzt_X7HoOJHroso2xnb2P7a4nd_C3a2wXlNv8yiYtuuAnSTpvEkJ_QwZUQ4KCyBByJO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
714ea7171ebc8a98a6654b7382c733312040b3b4917774b63c8503376a23e642

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=f5p_6ngS3Bh4GY_lxe3BAvj47kvIKqzyDi_ul7mLSxljInzqwAmLxlNf9_vX9ozSGZUQNHhAFsh5y3kSNAMoEzkS-GJq3BVZ_-5TFpIRE518J7siRWWmgvS3XatK1eXUQhMk59Jkwgv5Bw8Cvdx-8QcgmaaOCmlYBH8_zfOWonltS7kXTMA2jVvF-QYbt9jRH8oaS069Uc2LA67NCNEujmhGmHUes7020UyrF4U6D5PlWTEzr4dyCxhmNE8qoKcMg1YYCOfoFDo31nkvWasfLArOBrxrMa8WQndAsfQ9Q3UYCbYmHPPD4MoRvdHDCSDCJ5hsQOkk3McCYIxpzqT4-NeXf1DEYhJ_F_jXM5geOJ03R_Iudh1-6Uu3PpYpfK2108fhXrTi8M6uXz_tbtBB0p_hzIxsn7zIzeI8UxD6uVGuh1ncbXMmAi2-gN0JLFxoq1ckW7_fL3euwiAvKnY-Dkt5tpVYdEw_ltXStVbnYvlXWOpKq-XH_c8Fvf4ertGs81lOk1-LDF01lvWO8WY7ofOLfyl5EzRx8tz2DD3C1JyjG8cmOUshshZlZj7Da8HaxVQ1UqPnfUKnvVLOTpj5czGFkToAJbsSzmzt_X7HoOJHroso2xnb2P7a4nd_C3a2wXlNv8yiYtuuAnSTpvEkJ_QwZUQ4KCyBByJO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAh; OXPCLK=AAHg4AAAAAAAAAAh; ppucnt=33
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAi; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAi; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
ppucnt=34; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:37 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=f5p_6ngS3Bh4GY_lxe3BAvj47kvIKqzyDi_ul7mLSxljInzqwAmLxlNf9_vX9ozSGZUQNHhAFsh5y3kSNAMoEzkS-GJq3BVZ_-5TFpIRE518J7siRWWmgvS3XatK1eXUQhMk59Jkwgv5Bw8Cvdx-8QcgmaaOCmlYBH8_zfOWonltS7kXTMA2jVvF-QYbt9jRH8oaS069Uc2LA67NCNEujmhGmHUes7020UyrF4U6D5PlWTEzr4dyCxhmNE8qoKcMg1YYCOfoFDo31nkvWasfLArOBrxrMa8WQndAsfQ9Q3UYCbYmHPPD4MoRvdHDCSDCJ5hsQOkk3McCYIxpzqT4-NeXf1DEYhJ_F_jXM5geOJ03R_Iudh1-6Uu3PpYpfK2108fhXrTi8M6uXz_tbtBB0p_hzIxsn7zIzeI8UxD6uVGuh1ncbXMmAi2-gN0JLFxoq1ckW7_fL3euwiAvKnY-Dkt5tpVYdEw_ltXStVbnYvlXWOpKq-XH_c8Fvf4ertGs81lOk1-LDF01lvWO8WY7ofOLfyl5EzRx8tz2DD3C1JyjG8cmOUshshZlZj7Da8HaxVQ1UqPnfUKnvVLOTpj5czGFkToAJbsSzmzt_X7HoOJHroso2xnb2P7a4nd_C3a2wXlNv8yiYtuuAnSTpvEkJ_QwZUQ4KCyBByJO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:37 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140581e7acf03b8645ca951bee5995&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:37 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f1fb4b2bd25b1142c0afa487466df2abec1250e9154e0d0f6aed4597043f2a4b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAi; OXPCLK=AAHg4AAAAAAAAAAi; ppucnt=34
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:37 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAi; OXPCLK=AAHg4AAAAAAAAAAi; ppucnt=34
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:37 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=0frRMRQE3-dmsqMhv3mdgcSt1fSZMmvVs5X4nfJ_BXNds88C-Ld5jVxUg-QLg1fCBW5u2405EAAu09x4Gp4hBNlVf20sq-HWvEuxdb1f613pzUZpM1o4w5sLAmMObUaoOKWRXYj2i_3lgkxrE_cuFTFvIYLZRRB0fNBeAjTHOGwL6E7uLhWXB-A0DS9F1k_cxN1prP-An6zDf-4k6imwUFzs5eYDKajJqmaGvZhBC6oZ09S00s9DKIOhdiwmoafcAHurXbi2m5tYhlur_PdLxB35FvMuTlIBxmbtZYYUaCyLvaBadqzCdjPiUJqqgPs6q7FAAJIwR0roRt3sQyAcJD6FDB6HIYX1YyOkOZmy0HWFGpODJynFJPXSD9VxrAghv7ulj0Ov0Gc3OzhlmhrDWbgp1WUJlDSWJw2NmXMMQzdDzYPj8Pl_hAhqIF9zbZM51JrgtBW8vOxYmlPzXHRIS6J8UxZHGhOAul-mqZZcN9q71uHQI8Q_pU_8JuhoaeQSnRIRtxi3b_zJucpDoYRDWKABGcwdE5HBlfyduH7b_g0S8xZYC2SSotr-D4mHmuO-2_yzJz4_h9ExF8qav4sg90KzLHE6DCw-iusaoqQk19KMtLF8KVpTGe_j5tB4CLIQ11S339WovWqtuQV7dUoizumGsrf0UeVQNB_R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fdf838bb42b4709487ba2c3b80c33f1ee8995008642ac8eb8ab2c8d0553e45e5

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=0frRMRQE3-dmsqMhv3mdgcSt1fSZMmvVs5X4nfJ_BXNds88C-Ld5jVxUg-QLg1fCBW5u2405EAAu09x4Gp4hBNlVf20sq-HWvEuxdb1f613pzUZpM1o4w5sLAmMObUaoOKWRXYj2i_3lgkxrE_cuFTFvIYLZRRB0fNBeAjTHOGwL6E7uLhWXB-A0DS9F1k_cxN1prP-An6zDf-4k6imwUFzs5eYDKajJqmaGvZhBC6oZ09S00s9DKIOhdiwmoafcAHurXbi2m5tYhlur_PdLxB35FvMuTlIBxmbtZYYUaCyLvaBadqzCdjPiUJqqgPs6q7FAAJIwR0roRt3sQyAcJD6FDB6HIYX1YyOkOZmy0HWFGpODJynFJPXSD9VxrAghv7ulj0Ov0Gc3OzhlmhrDWbgp1WUJlDSWJw2NmXMMQzdDzYPj8Pl_hAhqIF9zbZM51JrgtBW8vOxYmlPzXHRIS6J8UxZHGhOAul-mqZZcN9q71uHQI8Q_pU_8JuhoaeQSnRIRtxi3b_zJucpDoYRDWKABGcwdE5HBlfyduH7b_g0S8xZYC2SSotr-D4mHmuO-2_yzJz4_h9ExF8qav4sg90KzLHE6DCw-iusaoqQk19KMtLF8KVpTGe_j5tB4CLIQ11S339WovWqtuQV7dUoizumGsrf0UeVQNB_R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAi; OXPCLK=AAHg4AAAAAAAAAAi; ppucnt=34
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAj; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAj; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=35; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=479f9c8ac08db1b48e939f9c44aab30c1631480737&psp=0frRMRQE3-dmsqMhv3mdgcSt1fSZMmvVs5X4nfJ_BXNds88C-Ld5jVxUg-QLg1fCBW5u2405EAAu09x4Gp4hBNlVf20sq-HWvEuxdb1f613pzUZpM1o4w5sLAmMObUaoOKWRXYj2i_3lgkxrE_cuFTFvIYLZRRB0fNBeAjTHOGwL6E7uLhWXB-A0DS9F1k_cxN1prP-An6zDf-4k6imwUFzs5eYDKajJqmaGvZhBC6oZ09S00s9DKIOhdiwmoafcAHurXbi2m5tYhlur_PdLxB35FvMuTlIBxmbtZYYUaCyLvaBadqzCdjPiUJqqgPs6q7FAAJIwR0roRt3sQyAcJD6FDB6HIYX1YyOkOZmy0HWFGpODJynFJPXSD9VxrAghv7ulj0Ov0Gc3OzhlmhrDWbgp1WUJlDSWJw2NmXMMQzdDzYPj8Pl_hAhqIF9zbZM51JrgtBW8vOxYmlPzXHRIS6J8UxZHGhOAul-mqZZcN9q71uHQI8Q_pU_8JuhoaeQSnRIRtxi3b_zJucpDoYRDWKABGcwdE5HBlfyduH7b_g0S8xZYC2SSotr-D4mHmuO-2_yzJz4_h9ExF8qav4sg90KzLHE6DCw-iusaoqQk19KMtLF8KVpTGe_j5tB4CLIQ11S339WovWqtuQV7dUoizumGsrf0UeVQNB_R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e085d7b64e804e368228b77135&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5c6ab67954e03edd48bb42ad8a531180c00c7eb4fe9384352b689930f26a6914

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAj; OXPCLK=AAHg4AAAAAAAAAAj; ppucnt=35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAj; OXPCLK=AAHg4AAAAAAAAAAj; ppucnt=35
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=eK9zHn0DQVqSPP4M4wduGIygacauc1dt1TYRQ5b4Y_q4JclQAZnbDuTrQZjd3oxX6uNnu8wF8FlwcaQI4VHv8-GOCRkVPOaKHg8Scftcgkfq6d1ec7GCeCYnKD5Myf83-PUct9zeY1gcSYcZwJ-hai4UJJclUXDFIZoAGGhv7trWQGx3XuYNc-FYdPGIIXnZlZpDNmF5C4NBikcmKAHSXvmUkAu3R3gkiXRpSJ9SuGz7qMCB8exVq7XMs4cCXnBEipR3bLFt6RcWXCtQXBbPgYtiTTIJIh_YRGuel2AmAdrYk7dMLG6qbjWqTqVACRi-2g60xu_qObDBwa06GEg3L9xvMos2M-TutTr5X99CbRoQLUv3ulmIYb-luG0E5sWD8XJVMIVGYwwomOHmTJlwjaFb7-2bdV8Yl9locq_-nzr9n8CcX9IfgIwzNnlkcRgiZC8X4ZQXpB3RxKQMJZqbPH8jnOQT2MBS-vLkb1OQp8KgHWC__6T04iVlF-vbV95YQqUi_kKV-s5AcQ_9TasQY400Qw_-vmBNYRqiNrNrmmw5LQXhfWXBhJtHQSiDNNQsvFwsClBryOcAOpuDQuabiyJ45pavpRFnH1hfCPmGFShXeGE2BMsRXEwZj_FuBotUv6h8SU6lFHMYFpBvOxG11RZx2pfYI5llLy0k&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4da00215fe90c847cf0beab8aa98c5e8aca68398d05ee9fd030a64e55f7f5fd8

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=eK9zHn0DQVqSPP4M4wduGIygacauc1dt1TYRQ5b4Y_q4JclQAZnbDuTrQZjd3oxX6uNnu8wF8FlwcaQI4VHv8-GOCRkVPOaKHg8Scftcgkfq6d1ec7GCeCYnKD5Myf83-PUct9zeY1gcSYcZwJ-hai4UJJclUXDFIZoAGGhv7trWQGx3XuYNc-FYdPGIIXnZlZpDNmF5C4NBikcmKAHSXvmUkAu3R3gkiXRpSJ9SuGz7qMCB8exVq7XMs4cCXnBEipR3bLFt6RcWXCtQXBbPgYtiTTIJIh_YRGuel2AmAdrYk7dMLG6qbjWqTqVACRi-2g60xu_qObDBwa06GEg3L9xvMos2M-TutTr5X99CbRoQLUv3ulmIYb-luG0E5sWD8XJVMIVGYwwomOHmTJlwjaFb7-2bdV8Yl9locq_-nzr9n8CcX9IfgIwzNnlkcRgiZC8X4ZQXpB3RxKQMJZqbPH8jnOQT2MBS-vLkb1OQp8KgHWC__6T04iVlF-vbV95YQqUi_kKV-s5AcQ_9TasQY400Qw_-vmBNYRqiNrNrmmw5LQXhfWXBhJtHQSiDNNQsvFwsClBryOcAOpuDQuabiyJ45pavpRFnH1hfCPmGFShXeGE2BMsRXEwZj_FuBotUv6h8SU6lFHMYFpBvOxG11RZx2pfYI5llLy0k&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAj; OXPCLK=AAHg4AAAAAAAAAAj; ppucnt=35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAk; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAk; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=36; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=eK9zHn0DQVqSPP4M4wduGIygacauc1dt1TYRQ5b4Y_q4JclQAZnbDuTrQZjd3oxX6uNnu8wF8FlwcaQI4VHv8-GOCRkVPOaKHg8Scftcgkfq6d1ec7GCeCYnKD5Myf83-PUct9zeY1gcSYcZwJ-hai4UJJclUXDFIZoAGGhv7trWQGx3XuYNc-FYdPGIIXnZlZpDNmF5C4NBikcmKAHSXvmUkAu3R3gkiXRpSJ9SuGz7qMCB8exVq7XMs4cCXnBEipR3bLFt6RcWXCtQXBbPgYtiTTIJIh_YRGuel2AmAdrYk7dMLG6qbjWqTqVACRi-2g60xu_qObDBwa06GEg3L9xvMos2M-TutTr5X99CbRoQLUv3ulmIYb-luG0E5sWD8XJVMIVGYwwomOHmTJlwjaFb7-2bdV8Yl9locq_-nzr9n8CcX9IfgIwzNnlkcRgiZC8X4ZQXpB3RxKQMJZqbPH8jnOQT2MBS-vLkb1OQp8KgHWC__6T04iVlF-vbV95YQqUi_kKV-s5AcQ_9TasQY400Qw_-vmBNYRqiNrNrmmw5LQXhfWXBhJtHQSiDNNQsvFwsClBryOcAOpuDQuabiyJ45pavpRFnH1hfCPmGFShXeGE2BMsRXEwZj_FuBotUv6h8SU6lFHMYFpBvOxG11RZx2pfYI5llLy0k&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405382ba614b458487382bb3be197&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
54dde488b9dfe19b3db47517a7921853b08a5727855d51cae9a7f2ccd36b24a3

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAk; OXPCLK=AAHg4AAAAAAAAAAk; ppucnt=36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAk; OXPCLK=AAHg4AAAAAAAAAAk; ppucnt=36
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=a9v4w2057BQSfzT_opNKbKxch9pJUTK4V6W2C7ECX6l7Ahk4t_EPe-RUSmvAPQh7kLQvFO3BEpk2S-o9RAMOEi0LMsHH4Ic82QqX0BQ05TiBnquf364iss6KpvgrpzN_v6Yb-p8pZOomK1EQBP5lM_8yl5v3tbaIJLGP1QvxI5CWiL3RPKkYbtW02roeKCZeLhPmZQxMd1K9hHUo_sOGBFmUefPi8gdfoM6E83uQwU5MuPy_cG6jopEDQ9ewuWUd1u_MiFylDjKS6B4_pFdeYf12xGA_i3OvqWC8BESxlI9uXAx_Jnbkn8Cv9ecql8Ttat1hDlyg6nXZwtlD7xFpAnCpd9_6hGWSMiuj5wJPBMw_uMme0T1NqNMwvAYHNRYANjEOKZ3A7GnrwGKyYPI4Ma_CVRQTVKjeY9eKrEDc5XAEX01bK0u7sIofKWDR-5D87wk3y2M1kVAkSi7gC_1TPhYpP7tGPdGgC6-NhdLpaSaJlVZoEIcfVQosN-ccwYJ7qG2GvI5VBMj0ae7YkCP_YT64jWGaQ537146SZXUM5n_XT3rLliCzklbAKg36FiCUoixP2G4rJJfHAC-vjYzfRxEBIVwE_5Ua0QFdAfFhA5EK-uVDIL_gQpqBLc_OwmxX_3LbijgtGJ1ifY1nTKw6qyBjIJDrrFJD6h8-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
34b847d7f1682f8554ddadc5c40608e629b30194bfed306f0c3671f128daf190

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=a9v4w2057BQSfzT_opNKbKxch9pJUTK4V6W2C7ECX6l7Ahk4t_EPe-RUSmvAPQh7kLQvFO3BEpk2S-o9RAMOEi0LMsHH4Ic82QqX0BQ05TiBnquf364iss6KpvgrpzN_v6Yb-p8pZOomK1EQBP5lM_8yl5v3tbaIJLGP1QvxI5CWiL3RPKkYbtW02roeKCZeLhPmZQxMd1K9hHUo_sOGBFmUefPi8gdfoM6E83uQwU5MuPy_cG6jopEDQ9ewuWUd1u_MiFylDjKS6B4_pFdeYf12xGA_i3OvqWC8BESxlI9uXAx_Jnbkn8Cv9ecql8Ttat1hDlyg6nXZwtlD7xFpAnCpd9_6hGWSMiuj5wJPBMw_uMme0T1NqNMwvAYHNRYANjEOKZ3A7GnrwGKyYPI4Ma_CVRQTVKjeY9eKrEDc5XAEX01bK0u7sIofKWDR-5D87wk3y2M1kVAkSi7gC_1TPhYpP7tGPdGgC6-NhdLpaSaJlVZoEIcfVQosN-ccwYJ7qG2GvI5VBMj0ae7YkCP_YT64jWGaQ537146SZXUM5n_XT3rLliCzklbAKg36FiCUoixP2G4rJJfHAC-vjYzfRxEBIVwE_5Ua0QFdAfFhA5EK-uVDIL_gQpqBLc_OwmxX_3LbijgtGJ1ifY1nTKw6qyBjIJDrrFJD6h8-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAk; OXPCLK=AAHg4AAAAAAAAAAk; ppucnt=36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAl; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAl; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=37; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=a9v4w2057BQSfzT_opNKbKxch9pJUTK4V6W2C7ECX6l7Ahk4t_EPe-RUSmvAPQh7kLQvFO3BEpk2S-o9RAMOEi0LMsHH4Ic82QqX0BQ05TiBnquf364iss6KpvgrpzN_v6Yb-p8pZOomK1EQBP5lM_8yl5v3tbaIJLGP1QvxI5CWiL3RPKkYbtW02roeKCZeLhPmZQxMd1K9hHUo_sOGBFmUefPi8gdfoM6E83uQwU5MuPy_cG6jopEDQ9ewuWUd1u_MiFylDjKS6B4_pFdeYf12xGA_i3OvqWC8BESxlI9uXAx_Jnbkn8Cv9ecql8Ttat1hDlyg6nXZwtlD7xFpAnCpd9_6hGWSMiuj5wJPBMw_uMme0T1NqNMwvAYHNRYANjEOKZ3A7GnrwGKyYPI4Ma_CVRQTVKjeY9eKrEDc5XAEX01bK0u7sIofKWDR-5D87wk3y2M1kVAkSi7gC_1TPhYpP7tGPdGgC6-NhdLpaSaJlVZoEIcfVQosN-ccwYJ7qG2GvI5VBMj0ae7YkCP_YT64jWGaQ537146SZXUM5n_XT3rLliCzklbAKg36FiCUoixP2G4rJJfHAC-vjYzfRxEBIVwE_5Ua0QFdAfFhA5EK-uVDIL_gQpqBLc_OwmxX_3LbijgtGJ1ifY1nTKw6qyBjIJDrrFJD6h8-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e6f2badc44874a38849462d4df&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f2d5e9b3b5e8ce6694ceb3a5dd448c7fb57a7a2e1e4b9e3a4a04f9ceb5005758

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAl; OXPCLK=AAHg4AAAAAAAAAAl; ppucnt=37
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAl; OXPCLK=AAHg4AAAAAAAAAAl; ppucnt=37
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=giCmp1NdZnm1BEb4gfRj-yYB2EiBSuae25JBtWs8MfpLemIXkaTkefHy2t22SOsUURlqEV3vai_D_loyAjwf4YGUSkpvBFBi7DHxymQBkGkwaRZ4O1rLLfPwWdyVSQGvedqwvjI0ICU_q1GAYljOsLiYJovcH_YBx8xv9BMf8VmEL7b13LBmkF9iZafh53p8cQ9V1_iOXXrShf8mjIRx6Qa_xjmR5Ebk_GHpKnMTX7qhpNWZsixCMJ8jh0TZm47RbKs2uudJYnW8qhu9Yr-U73TsM9wh3r0Fup0qivS2TWGB8EzWoONWJkFGIyqVNd-PZOE5JGifufIOFJC6L0sDAAa9cctkpOovKtgY-qEAV_6Lfcs-lGXX9X0wAviwpSmfIIunPJfoVxMxaplP4lPehl9IpWvdqAGhauNIrQr6IdajgKtlE-UGo5rEXzHjdN-35AZM8bYqhf8KterJEucLAKArSqmUTUtV3TQWEio82azQjAwvjeuodxnjyZ5bvZWOqeeiNd_IqhY_Z6NyZxPSJwHcJin_DB9CFdae0m-M1KkHCeb9CD0WdNctzwQBbkSU8lD7dQxCD0oWkkQvR4sVrr_G-j4wHKStqoqqsE4afEVVadr3oyc4md0tYbNQboMBTHX9JPygB1RZTZO15pDWdnD5ZXEEVSL3rTo5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ff12bb22fd04d8aa22d772bbf6ae96f8fc5c9831ab56e541f29a11faceb8a3ff

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=giCmp1NdZnm1BEb4gfRj-yYB2EiBSuae25JBtWs8MfpLemIXkaTkefHy2t22SOsUURlqEV3vai_D_loyAjwf4YGUSkpvBFBi7DHxymQBkGkwaRZ4O1rLLfPwWdyVSQGvedqwvjI0ICU_q1GAYljOsLiYJovcH_YBx8xv9BMf8VmEL7b13LBmkF9iZafh53p8cQ9V1_iOXXrShf8mjIRx6Qa_xjmR5Ebk_GHpKnMTX7qhpNWZsixCMJ8jh0TZm47RbKs2uudJYnW8qhu9Yr-U73TsM9wh3r0Fup0qivS2TWGB8EzWoONWJkFGIyqVNd-PZOE5JGifufIOFJC6L0sDAAa9cctkpOovKtgY-qEAV_6Lfcs-lGXX9X0wAviwpSmfIIunPJfoVxMxaplP4lPehl9IpWvdqAGhauNIrQr6IdajgKtlE-UGo5rEXzHjdN-35AZM8bYqhf8KterJEucLAKArSqmUTUtV3TQWEio82azQjAwvjeuodxnjyZ5bvZWOqeeiNd_IqhY_Z6NyZxPSJwHcJin_DB9CFdae0m-M1KkHCeb9CD0WdNctzwQBbkSU8lD7dQxCD0oWkkQvR4sVrr_G-j4wHKStqoqqsE4afEVVadr3oyc4md0tYbNQboMBTHX9JPygB1RZTZO15pDWdnD5ZXEEVSL3rTo5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAl; OXPCLK=AAHg4AAAAAAAAAAl; ppucnt=37
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAm; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAm; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=38; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=giCmp1NdZnm1BEb4gfRj-yYB2EiBSuae25JBtWs8MfpLemIXkaTkefHy2t22SOsUURlqEV3vai_D_loyAjwf4YGUSkpvBFBi7DHxymQBkGkwaRZ4O1rLLfPwWdyVSQGvedqwvjI0ICU_q1GAYljOsLiYJovcH_YBx8xv9BMf8VmEL7b13LBmkF9iZafh53p8cQ9V1_iOXXrShf8mjIRx6Qa_xjmR5Ebk_GHpKnMTX7qhpNWZsixCMJ8jh0TZm47RbKs2uudJYnW8qhu9Yr-U73TsM9wh3r0Fup0qivS2TWGB8EzWoONWJkFGIyqVNd-PZOE5JGifufIOFJC6L0sDAAa9cctkpOovKtgY-qEAV_6Lfcs-lGXX9X0wAviwpSmfIIunPJfoVxMxaplP4lPehl9IpWvdqAGhauNIrQr6IdajgKtlE-UGo5rEXzHjdN-35AZM8bYqhf8KterJEucLAKArSqmUTUtV3TQWEio82azQjAwvjeuodxnjyZ5bvZWOqeeiNd_IqhY_Z6NyZxPSJwHcJin_DB9CFdae0m-M1KkHCeb9CD0WdNctzwQBbkSU8lD7dQxCD0oWkkQvR4sVrr_G-j4wHKStqoqqsE4afEVVadr3oyc4md0tYbNQboMBTHX9JPygB1RZTZO15pDWdnD5ZXEEVSL3rTo5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052fabac8b4c594657b0277f91e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
831ef6eaad809e6b48d1fddd74e8eba8403c2fefea90c2ed463d63917f73c326

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAm; OXPCLK=AAHg4AAAAAAAAAAm; ppucnt=38
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAm; OXPCLK=AAHg4AAAAAAAAAAm; ppucnt=38
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=H6pl0EwxXIZjzBOKFYQA0sB4YjckiNCWAeKLsJK5_bZAnhLDbZD2lX4NOjEN8Lo6DZlkkGM8e81g076jKb3mP2AfuRjeYv7hoE2_trm6txZBD0y6L7r_rkJeb2m4VmuFfeQWHZudL39Eljp8CqYgZdbVUF__uystqdw0aLTKyupgxsIabW_ZUlbVtdSS_CbI_gt4g25TpNRdKiJwLBVX7HBsuF4lWgzjVZqOw5BR_Ur9ng3sKZW27NAC9azlLFtSj7_eHj9_C4G7ejVCoxBtHjkA3UwFf5LVnI2E0EeciHBygtjkpIcpEoUhKJT2-Pmid76e--V2NykIbCl8934LJZmE0Lr8bk3UbfuC3O8Gb409mviAjrQgyY5Ad3Bja2eSRPYD2B7wGv0eBJEOPLbYKZ4A__-oWaqW0H7Ko8jJkWIVW_pA1NOfUV7VxAUGdDxpVQC_ByUp2901CgRI18GXZ7P59QEbRGdLIc4bjRKtq1BQdFMxfWnDhVAh7Fq08ZSvmS4doXgtx6og52PXxO11247qmPxbbfmJ3_TlG6I1SSKiI4EaTf734rig4Jxm7oHCedvPDakCrYRUbUkbagJZgZxhkugkKjiQXvFNSm6ZXpL86yPKI9LqD8E35ZMCyn1OLDUPjZ_O1XWkFd2747p-HAsbxs3BPESzXlGy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
974c3bb807bba901de2162af4060bf59eb089e4e1e889490a209a9674c40c597

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=H6pl0EwxXIZjzBOKFYQA0sB4YjckiNCWAeKLsJK5_bZAnhLDbZD2lX4NOjEN8Lo6DZlkkGM8e81g076jKb3mP2AfuRjeYv7hoE2_trm6txZBD0y6L7r_rkJeb2m4VmuFfeQWHZudL39Eljp8CqYgZdbVUF__uystqdw0aLTKyupgxsIabW_ZUlbVtdSS_CbI_gt4g25TpNRdKiJwLBVX7HBsuF4lWgzjVZqOw5BR_Ur9ng3sKZW27NAC9azlLFtSj7_eHj9_C4G7ejVCoxBtHjkA3UwFf5LVnI2E0EeciHBygtjkpIcpEoUhKJT2-Pmid76e--V2NykIbCl8934LJZmE0Lr8bk3UbfuC3O8Gb409mviAjrQgyY5Ad3Bja2eSRPYD2B7wGv0eBJEOPLbYKZ4A__-oWaqW0H7Ko8jJkWIVW_pA1NOfUV7VxAUGdDxpVQC_ByUp2901CgRI18GXZ7P59QEbRGdLIc4bjRKtq1BQdFMxfWnDhVAh7Fq08ZSvmS4doXgtx6og52PXxO11247qmPxbbfmJ3_TlG6I1SSKiI4EaTf734rig4Jxm7oHCedvPDakCrYRUbUkbagJZgZxhkugkKjiQXvFNSm6ZXpL86yPKI9LqD8E35ZMCyn1OLDUPjZ_O1XWkFd2747p-HAsbxs3BPESzXlGy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAm; OXPCLK=AAHg4AAAAAAAAAAm; ppucnt=38
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAn; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAn; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=39; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=H6pl0EwxXIZjzBOKFYQA0sB4YjckiNCWAeKLsJK5_bZAnhLDbZD2lX4NOjEN8Lo6DZlkkGM8e81g076jKb3mP2AfuRjeYv7hoE2_trm6txZBD0y6L7r_rkJeb2m4VmuFfeQWHZudL39Eljp8CqYgZdbVUF__uystqdw0aLTKyupgxsIabW_ZUlbVtdSS_CbI_gt4g25TpNRdKiJwLBVX7HBsuF4lWgzjVZqOw5BR_Ur9ng3sKZW27NAC9azlLFtSj7_eHj9_C4G7ejVCoxBtHjkA3UwFf5LVnI2E0EeciHBygtjkpIcpEoUhKJT2-Pmid76e--V2NykIbCl8934LJZmE0Lr8bk3UbfuC3O8Gb409mviAjrQgyY5Ad3Bja2eSRPYD2B7wGv0eBJEOPLbYKZ4A__-oWaqW0H7Ko8jJkWIVW_pA1NOfUV7VxAUGdDxpVQC_ByUp2901CgRI18GXZ7P59QEbRGdLIc4bjRKtq1BQdFMxfWnDhVAh7Fq08ZSvmS4doXgtx6og52PXxO11247qmPxbbfmJ3_TlG6I1SSKiI4EaTf734rig4Jxm7oHCedvPDakCrYRUbUkbagJZgZxhkugkKjiQXvFNSm6ZXpL86yPKI9LqD8E35ZMCyn1OLDUPjZ_O1XWkFd2747p-HAsbxs3BPESzXlGy&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc62af6c741494986bb1af381&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0df925e696699c55725201361004f660feeb54f3c7bc8f1eff97712b11ef1f0f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAn; OXPCLK=AAHg4AAAAAAAAAAn; ppucnt=39
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAn; OXPCLK=AAHg4AAAAAAAAAAn; ppucnt=39
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=paRjUCp62dHq4HOjPRkEU7tqL2nbuenbfc4BNVyOSIk0nat-E9Pwk_oWui6XLQA7myNQKc-A3XLFW5rjMXCW6Cbgle-BEy_siQ3bqDjC-kOKLp8KmAUZh45b5sxx99DSfCtWytcsK9SGFIEXoSRAr8SNQ0uV4oV60P9dkx-6O0GTBHKydqNKq0hmT3wmiGhHmHc8ThlIihvr-4ip1PoJwAATQ61RMH0PHCOfLiesGHautf_s1h6qvYyXjfQ5rLo4ENOQXcKgl5dbi2fx-NDzsV_Hjr2LQjbR6PvZTvWVQYGZSA8gc5RM2yqK5TUT5VldLNZpRLH3YhuOGVsMfN5lkI2ZHCCjCe8rtXdz7FajgqNaoU0horOMJDNztHN8VJsb721pfLhVbtFWSBKSBos4jmIv8wsp7044kedFFGZUoTN7mkunwE0Y70TI2Y0PJ5EwPNO0Vi1TEnIZxd5OLBHAmpo-uWodSHqhBgyO-gJvsj_bwQrY2MBu4OwYFi6r-fiqmxTQ-R82YWiROdrkP186l2pcnLtKPmvLjXS6L59iix1-xsD72EYHsKoW2J9kxLwK_KIevcbtf7yY8kf4elOP0xIcqvsvY9VbDzuQPv99Hn_AtWmdj4e1jG65czdNqBToERFYw6QdbJOhtv_i2nM3ZzfsFx1NIhyolG7D&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cb09baafe5960daae6b84dd9c7689bd6959a8a9bcb0d6ed81795b9e260696792

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=paRjUCp62dHq4HOjPRkEU7tqL2nbuenbfc4BNVyOSIk0nat-E9Pwk_oWui6XLQA7myNQKc-A3XLFW5rjMXCW6Cbgle-BEy_siQ3bqDjC-kOKLp8KmAUZh45b5sxx99DSfCtWytcsK9SGFIEXoSRAr8SNQ0uV4oV60P9dkx-6O0GTBHKydqNKq0hmT3wmiGhHmHc8ThlIihvr-4ip1PoJwAATQ61RMH0PHCOfLiesGHautf_s1h6qvYyXjfQ5rLo4ENOQXcKgl5dbi2fx-NDzsV_Hjr2LQjbR6PvZTvWVQYGZSA8gc5RM2yqK5TUT5VldLNZpRLH3YhuOGVsMfN5lkI2ZHCCjCe8rtXdz7FajgqNaoU0horOMJDNztHN8VJsb721pfLhVbtFWSBKSBos4jmIv8wsp7044kedFFGZUoTN7mkunwE0Y70TI2Y0PJ5EwPNO0Vi1TEnIZxd5OLBHAmpo-uWodSHqhBgyO-gJvsj_bwQrY2MBu4OwYFi6r-fiqmxTQ-R82YWiROdrkP186l2pcnLtKPmvLjXS6L59iix1-xsD72EYHsKoW2J9kxLwK_KIevcbtf7yY8kf4elOP0xIcqvsvY9VbDzuQPv99Hn_AtWmdj4e1jG65czdNqBToERFYw6QdbJOhtv_i2nM3ZzfsFx1NIhyolG7D&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAn; OXPCLK=AAHg4AAAAAAAAAAn; ppucnt=39
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAo; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure OXPCLK=AAHg4AAAAAAAAAAo; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure ppucnt=40; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=paRjUCp62dHq4HOjPRkEU7tqL2nbuenbfc4BNVyOSIk0nat-E9Pwk_oWui6XLQA7myNQKc-A3XLFW5rjMXCW6Cbgle-BEy_siQ3bqDjC-kOKLp8KmAUZh45b5sxx99DSfCtWytcsK9SGFIEXoSRAr8SNQ0uV4oV60P9dkx-6O0GTBHKydqNKq0hmT3wmiGhHmHc8ThlIihvr-4ip1PoJwAATQ61RMH0PHCOfLiesGHautf_s1h6qvYyXjfQ5rLo4ENOQXcKgl5dbi2fx-NDzsV_Hjr2LQjbR6PvZTvWVQYGZSA8gc5RM2yqK5TUT5VldLNZpRLH3YhuOGVsMfN5lkI2ZHCCjCe8rtXdz7FajgqNaoU0horOMJDNztHN8VJsb721pfLhVbtFWSBKSBos4jmIv8wsp7044kedFFGZUoTN7mkunwE0Y70TI2Y0PJ5EwPNO0Vi1TEnIZxd5OLBHAmpo-uWodSHqhBgyO-gJvsj_bwQrY2MBu4OwYFi6r-fiqmxTQ-R82YWiROdrkP186l2pcnLtKPmvLjXS6L59iix1-xsD72EYHsKoW2J9kxLwK_KIevcbtf7yY8kf4elOP0xIcqvsvY9VbDzuQPv99Hn_AtWmdj4e1jG65czdNqBToERFYw6QdbJOhtv_i2nM3ZzfsFx1NIhyolG7D&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140510bd6e38d03045f99bacf6b5c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2d7d9ed415e995f7f6234fcebd2eb023a83990849a7bae6de9137b2f4780e43f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAo; OXPCLK=AAHg4AAAAAAAAAAo; ppucnt=40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAo; OXPCLK=AAHg4AAAAAAAAAAo; ppucnt=40
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=Xvu_8d6SPmEDXTYzcjCLhLOFLCyfSqVVnQ_UPHZQ7CQ5ctgf615soiFRzEIEl-FZYKCKnBA8n-wtnVOU6wJkUOx4D1WVqc1My7Ta4pOpYIfm43uAQ9Aml0SRZKTK3lr8P6NtZL35KdciaSeGCO6ew6P1apGAXDi6TaAD1jqTDBcRI5tZ8zHiBsRc94B2UAmebiHA9d0d4b56DN4ZziSfiyzKkEe4G6XpB3CcdBzNssppkpAIHjpIJmvkwv2emm8rniK4OAGP-S1BV_rjdkjU1kioLkN5yZ8IR77cM-SEFHVYq2rrbX9dA8lGOKZC-OpVIO64ksngjzBQHUmBlbwGxyg77ztS3BbOCr-jO0h4qeQfzP8ttanMAsJCteqXeF01NH196qlRcXUEN7IiBqmUXjfem0Sai5C62bl5sTari8yiRZ-O220XKaAxsReGIz3XtpzQQJ3NGXmeSUNpO7wqI1_QCBEpOh9MVrGW_Cs5etRoAuPczc2jt3fnFdUH-5t0qxlwVhAFjoBb5-A3LDUBihgthY5vqphg9C07Cp4c6vQkZzqpEhW-ql2_75KrNkqKLp32CdjiiOlQX1U4uzWq_ZSnSkCH6i0tNsZRSEbNiWCQV7e6Wm3pfbV5FJRcype7ElBll1KfTqzjIMFalyIhposv4WJENRdpCAqd&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2a5c706419831cefd2ffb4ab2eb2eb4c1ded13d75b7f674bf48cd8c286034a54

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=Xvu_8d6SPmEDXTYzcjCLhLOFLCyfSqVVnQ_UPHZQ7CQ5ctgf615soiFRzEIEl-FZYKCKnBA8n-wtnVOU6wJkUOx4D1WVqc1My7Ta4pOpYIfm43uAQ9Aml0SRZKTK3lr8P6NtZL35KdciaSeGCO6ew6P1apGAXDi6TaAD1jqTDBcRI5tZ8zHiBsRc94B2UAmebiHA9d0d4b56DN4ZziSfiyzKkEe4G6XpB3CcdBzNssppkpAIHjpIJmvkwv2emm8rniK4OAGP-S1BV_rjdkjU1kioLkN5yZ8IR77cM-SEFHVYq2rrbX9dA8lGOKZC-OpVIO64ksngjzBQHUmBlbwGxyg77ztS3BbOCr-jO0h4qeQfzP8ttanMAsJCteqXeF01NH196qlRcXUEN7IiBqmUXjfem0Sai5C62bl5sTari8yiRZ-O220XKaAxsReGIz3XtpzQQJ3NGXmeSUNpO7wqI1_QCBEpOh9MVrGW_Cs5etRoAuPczc2jt3fnFdUH-5t0qxlwVhAFjoBb5-A3LDUBihgthY5vqphg9C07Cp4c6vQkZzqpEhW-ql2_75KrNkqKLp32CdjiiOlQX1U4uzWq_ZSnSkCH6i0tNsZRSEbNiWCQV7e6Wm3pfbV5FJRcype7ElBll1KfTqzjIMFalyIhposv4WJENRdpCAqd&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAo; OXPCLK=AAHg4AAAAAAAAAAo; ppucnt=40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAp; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAp; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=41; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140565cce62eccd84d21b2a955ad9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=Xvu_8d6SPmEDXTYzcjCLhLOFLCyfSqVVnQ_UPHZQ7CQ5ctgf615soiFRzEIEl-FZYKCKnBA8n-wtnVOU6wJkUOx4D1WVqc1My7Ta4pOpYIfm43uAQ9Aml0SRZKTK3lr8P6NtZL35KdciaSeGCO6ew6P1apGAXDi6TaAD1jqTDBcRI5tZ8zHiBsRc94B2UAmebiHA9d0d4b56DN4ZziSfiyzKkEe4G6XpB3CcdBzNssppkpAIHjpIJmvkwv2emm8rniK4OAGP-S1BV_rjdkjU1kioLkN5yZ8IR77cM-SEFHVYq2rrbX9dA8lGOKZC-OpVIO64ksngjzBQHUmBlbwGxyg77ztS3BbOCr-jO0h4qeQfzP8ttanMAsJCteqXeF01NH196qlRcXUEN7IiBqmUXjfem0Sai5C62bl5sTari8yiRZ-O220XKaAxsReGIz3XtpzQQJ3NGXmeSUNpO7wqI1_QCBEpOh9MVrGW_Cs5etRoAuPczc2jt3fnFdUH-5t0qxlwVhAFjoBb5-A3LDUBihgthY5vqphg9C07Cp4c6vQkZzqpEhW-ql2_75KrNkqKLp32CdjiiOlQX1U4uzWq_ZSnSkCH6i0tNsZRSEbNiWCQV7e6Wm3pfbV5FJRcype7ElBll1KfTqzjIMFalyIhposv4WJENRdpCAqd&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140565cce62eccd84d21b2a955ad9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140565cce62eccd84d21b2a955ad9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140565cce62eccd84d21b2a955ad9e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon3.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon4.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon5.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon7.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon8.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5577fdecc15accefce38d64c877d445475e2a3e6a8d9b4e15f9540c9f701ec5d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAp; OXPCLK=AAHg4AAAAAAAAAAp; ppucnt=41
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAp; OXPCLK=AAHg4AAAAAAAAAAp; ppucnt=41
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=_knhIA8e1xFSYwG-vtdeHVEmPE7S7lz3cW10QLw7JLsdk78ykemqT7rUhDMjm5gT6YyfLHx2TmAtvEw0GtBcIfBqXquqykqOA0xT7m-NjZcL41MXRnY_9-0DXruxF1AUcIZB45p_j3C4IEa7bYLsIpVQE_9EqjXg3S2tuCvkO-W7sQp6S9Q5ynKcn23aXeLsBYD0icR4gB52dOYG1XSHNkH3VsmERdp_NIfTHD8WFrqLmMXFnSJ2ZNQ255yvr8JaZlZNjUJrpzQw0bwqmyF83hldEoShn1NRu5YK6Lm-VlHifsIgIUv97T0LU0KOwCITq3qz2cD0MBkT8JHel3GgWg9zM9pRVjJ0Y7sS4z8HTYhRqXA7l36SBU_jS-4E_FRqDMmBUWvJbVrYjjy4xqe9_7exQbSmN4AFvKkkySt1VOtZSIU9WRkYhIm3HtSBW0C3HAuWa3Qa1RtQ0hqmiZi57dvZgIBo4zfrjn9P13jSmBF-npj07BMc7sunN2iaDRX1CK1yzTVHwI43M4cfC96VqQxNz3ar8ukFEcO5mXC2M_3-P05RqBfIS18tCWAndwksNpCEZDkCQ2C3jYF3ol1i5xT3gPN2A3cMVR78rR7yWJ8rZzBXGloSyB3VAcK4hex0tT1XuwVhhJn7qd8XQlmHotHZXakWyVp9ojL0&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6cf8d4e2d8b8e07d52bd4a93a9760e7fba4dc7982db4215b9affdba17bca12c2

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=_knhIA8e1xFSYwG-vtdeHVEmPE7S7lz3cW10QLw7JLsdk78ykemqT7rUhDMjm5gT6YyfLHx2TmAtvEw0GtBcIfBqXquqykqOA0xT7m-NjZcL41MXRnY_9-0DXruxF1AUcIZB45p_j3C4IEa7bYLsIpVQE_9EqjXg3S2tuCvkO-W7sQp6S9Q5ynKcn23aXeLsBYD0icR4gB52dOYG1XSHNkH3VsmERdp_NIfTHD8WFrqLmMXFnSJ2ZNQ255yvr8JaZlZNjUJrpzQw0bwqmyF83hldEoShn1NRu5YK6Lm-VlHifsIgIUv97T0LU0KOwCITq3qz2cD0MBkT8JHel3GgWg9zM9pRVjJ0Y7sS4z8HTYhRqXA7l36SBU_jS-4E_FRqDMmBUWvJbVrYjjy4xqe9_7exQbSmN4AFvKkkySt1VOtZSIU9WRkYhIm3HtSBW0C3HAuWa3Qa1RtQ0hqmiZi57dvZgIBo4zfrjn9P13jSmBF-npj07BMc7sunN2iaDRX1CK1yzTVHwI43M4cfC96VqQxNz3ar8ukFEcO5mXC2M_3-P05RqBfIS18tCWAndwksNpCEZDkCQ2C3jYF3ol1i5xT3gPN2A3cMVR78rR7yWJ8rZzBXGloSyB3VAcK4hex0tT1XuwVhhJn7qd8XQlmHotHZXakWyVp9ojL0&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAp; OXPCLK=AAHg4AAAAAAAAAAp; ppucnt=41
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAq; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAq; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
ppucnt=42; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:38 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=fd574692938abd54a02a10d59433da931631480738&psp=_knhIA8e1xFSYwG-vtdeHVEmPE7S7lz3cW10QLw7JLsdk78ykemqT7rUhDMjm5gT6YyfLHx2TmAtvEw0GtBcIfBqXquqykqOA0xT7m-NjZcL41MXRnY_9-0DXruxF1AUcIZB45p_j3C4IEa7bYLsIpVQE_9EqjXg3S2tuCvkO-W7sQp6S9Q5ynKcn23aXeLsBYD0icR4gB52dOYG1XSHNkH3VsmERdp_NIfTHD8WFrqLmMXFnSJ2ZNQ255yvr8JaZlZNjUJrpzQw0bwqmyF83hldEoShn1NRu5YK6Lm-VlHifsIgIUv97T0LU0KOwCITq3qz2cD0MBkT8JHel3GgWg9zM9pRVjJ0Y7sS4z8HTYhRqXA7l36SBU_jS-4E_FRqDMmBUWvJbVrYjjy4xqe9_7exQbSmN4AFvKkkySt1VOtZSIU9WRkYhIm3HtSBW0C3HAuWa3Qa1RtQ0hqmiZi57dvZgIBo4zfrjn9P13jSmBF-npj07BMc7sunN2iaDRX1CK1yzTVHwI43M4cfC96VqQxNz3ar8ukFEcO5mXC2M_3-P05RqBfIS18tCWAndwksNpCEZDkCQ2C3jYF3ol1i5xT3gPN2A3cMVR78rR7yWJ8rZzBXGloSyB3VAcK4hex0tT1XuwVhhJn7qd8XQlmHotHZXakWyVp9ojL0&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:38 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:38 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:38 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f5701c56c33141f2a22a5e4171&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c8af48d9d83cd826baa8411122da680c20914d571ee83ba5f20bf8f80c048a50

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAq; OXPCLK=AAHg4AAAAAAAAAAq; ppucnt=42
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:38 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAq; OXPCLK=AAHg4AAAAAAAAAAq; ppucnt=42
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=d5tXjiXy0AFJrhv_gvRIatS3bmyXPbTvLv-LNxCnfsxHuIxbuQaWkEq9_015AdcNQ8GjvGKPthk5_dA9XAfFErFObbEQKpHSFip8lbM65bnJnxXWrH2hxgXQKQP-a0Iggh1avD0lhnO-8ohpa9JU-2fxxa2-FOynJjFmpdP18VQGFs9eywiwF66kDIgdhYpVIVke7PBlQ5-_4MNq33oZLwBAJkamP_2yV5SZiPt8Yg8EMR7XcgcJkO_oPHemPkZffOIkJ-1hUYdmqyewp2Yd-iGzTwjxkv74g7D9NdkW3fFjyDqhpR0rwAe0IBGl00gCJNgoqQm7KAS8pdnqpZlwXhU0CbePip4AAVvem7IBuH_yWN48swPjXo9CjDnMRaFhJ54wyAsKW6jO6gLFfzm6VpUqdBs_dU7vdmtsSDLysHhm5qQhZrqbaaq1G-0eZi7LxDnnu0cVoPNqijs3546UeP1AV4NHTkX80guftg75BppeXMsnf52o5kqDkZ9BcKWPVEZ8cP8nl6MCPUr2BGBNphBquNfvH9ED5vde3v5g9N2w2HA8dritLErAHLNlsQEfaQfjJ3TIYgzuR1-8EqEVXbtH79tc6Lk65LC_SJRMuZfUPP_SizsAEKIaxOEvyHt7XH0r-_l3OWlVUfaaTM74Ki7TEIV9eg93B-Gh&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=d5tXjiXy0AFJrhv_gvRIatS3bmyXPbTvLv-LNxCnfsxHuIxbuQaWkEq9_015AdcNQ8GjvGKPthk5_dA9XAfFErFObbEQKpHSFip8lbM65bnJnxXWrH2hxgXQKQP-a0Iggh1avD0lhnO-8ohpa9JU-2fxxa2-FOynJjFmpdP18VQGFs9eywiwF66kDIgdhYpVIVke7PBlQ5-_4MNq33oZLwBAJkamP_2yV5SZiPt8Yg8EMR7XcgcJkO_oPHemPkZffOIkJ-1hUYdmqyewp2Yd-iGzTwjxkv74g7D9NdkW3fFjyDqhpR0rwAe0IBGl00gCJNgoqQm7KAS8pdnqpZlwXhU0CbePip4AAVvem7IBuH_yWN48swPjXo9CjDnMRaFhJ54wyAsKW6jO6gLFfzm6VpUqdBs_dU7vdmtsSDLysHhm5qQhZrqbaaq1G-0eZi7LxDnnu0cVoPNqijs3546UeP1AV4NHTkX80guftg75BppeXMsnf52o5kqDkZ9BcKWPVEZ8cP8nl6MCPUr2BGBNphBquNfvH9ED5vde3v5g9N2w2HA8dritLErAHLNlsQEfaQfjJ3TIYgzuR1-8EqEVXbtH79tc6Lk65LC_SJRMuZfUPP_SizsAEKIaxOEvyHt7XH0r-_l3OWlVUfaaTM74Ki7TEIV9eg93B-Gh&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAq; OXPCLK=AAHg4AAAAAAAAAAq; ppucnt=42
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAr; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAr; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
ppucnt=43; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=d5tXjiXy0AFJrhv_gvRIatS3bmyXPbTvLv-LNxCnfsxHuIxbuQaWkEq9_015AdcNQ8GjvGKPthk5_dA9XAfFErFObbEQKpHSFip8lbM65bnJnxXWrH2hxgXQKQP-a0Iggh1avD0lhnO-8ohpa9JU-2fxxa2-FOynJjFmpdP18VQGFs9eywiwF66kDIgdhYpVIVke7PBlQ5-_4MNq33oZLwBAJkamP_2yV5SZiPt8Yg8EMR7XcgcJkO_oPHemPkZffOIkJ-1hUYdmqyewp2Yd-iGzTwjxkv74g7D9NdkW3fFjyDqhpR0rwAe0IBGl00gCJNgoqQm7KAS8pdnqpZlwXhU0CbePip4AAVvem7IBuH_yWN48swPjXo9CjDnMRaFhJ54wyAsKW6jO6gLFfzm6VpUqdBs_dU7vdmtsSDLysHhm5qQhZrqbaaq1G-0eZi7LxDnnu0cVoPNqijs3546UeP1AV4NHTkX80guftg75BppeXMsnf52o5kqDkZ9BcKWPVEZ8cP8nl6MCPUr2BGBNphBquNfvH9ED5vde3v5g9N2w2HA8dritLErAHLNlsQEfaQfjJ3TIYgzuR1-8EqEVXbtH79tc6Lk65LC_SJRMuZfUPP_SizsAEKIaxOEvyHt7XH0r-_l3OWlVUfaaTM74Ki7TEIV9eg93B-Gh&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25a8f1084604b37aa4213e5fb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ed043799989e868d7601efdaa3a340d2694eb41da0aec35df1a062d1c44b9654

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAr; OXPCLK=AAHg4AAAAAAAAAAr; ppucnt=43
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAr; OXPCLK=AAHg4AAAAAAAAAAr; ppucnt=43
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=HEsYHEQTWaLXBJ5pLvMfoWrl4T-gULynFA2CaYbKDISnBNQhFNQFbbEZmYmMO1YqFSGj69kUm6-Eck_5qi6v7UNEJGjdtjFsbCFRVVjGqfMzL4WCfTyk-GfnsTFDSr62xcW3rxJMiY_ufBQMTsATtoMJWvjoiYT4LjR5YouA0_fy5VN0IrWu0Ode2xypmQTCkhq-nCnf-XJ39t5OYY8jNPHdHJ0-8WSqTT1J6hsO2Ftn69zAJ1PkV6oy9l69CtEumfRTJv3kwVSxeTlypHnhfCmv50kDNTmjgN-dUAiXLrT5zHgkwi1ndTJqHsMykpeglIZ7QU3D4tOEZEyZ-TDmVjf72I-KtQrHxRrDCoUT_79z5bbWYB0woRDnLncCa60P0cgVUB1a6PVUIx_zGyFu-wVIjYClh0PU5rWfNio9PbxB52cccUz6ZvZLpT77ntjHAjKPahPFvyBL8GgYeA3ksPM9_S_-hdvEZ3FUz5sAX_vZ5ySUs7JEWHpOTMGAta64yNU5Lb7vkfsYq5kr_oayHj0BTgl_lubE1wv3u0KXWTRRaxRkF4aGDPSTYoUYUXHO6CIDXSha7VKhVW_rwLwn7M4zxBDFu0wHawsrg_aNSNHgU2vzYxLZGJ7F_amlJDuZZJKYqnOpnUp4vnTQ1NKitJPzYLPFXPrLl6eH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=HEsYHEQTWaLXBJ5pLvMfoWrl4T-gULynFA2CaYbKDISnBNQhFNQFbbEZmYmMO1YqFSGj69kUm6-Eck_5qi6v7UNEJGjdtjFsbCFRVVjGqfMzL4WCfTyk-GfnsTFDSr62xcW3rxJMiY_ufBQMTsATtoMJWvjoiYT4LjR5YouA0_fy5VN0IrWu0Ode2xypmQTCkhq-nCnf-XJ39t5OYY8jNPHdHJ0-8WSqTT1J6hsO2Ftn69zAJ1PkV6oy9l69CtEumfRTJv3kwVSxeTlypHnhfCmv50kDNTmjgN-dUAiXLrT5zHgkwi1ndTJqHsMykpeglIZ7QU3D4tOEZEyZ-TDmVjf72I-KtQrHxRrDCoUT_79z5bbWYB0woRDnLncCa60P0cgVUB1a6PVUIx_zGyFu-wVIjYClh0PU5rWfNio9PbxB52cccUz6ZvZLpT77ntjHAjKPahPFvyBL8GgYeA3ksPM9_S_-hdvEZ3FUz5sAX_vZ5ySUs7JEWHpOTMGAta64yNU5Lb7vkfsYq5kr_oayHj0BTgl_lubE1wv3u0KXWTRRaxRkF4aGDPSTYoUYUXHO6CIDXSha7VKhVW_rwLwn7M4zxBDFu0wHawsrg_aNSNHgU2vzYxLZGJ7F_amlJDuZZJKYqnOpnUp4vnTQ1NKitJPzYLPFXPrLl6eH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAr; OXPCLK=AAHg4AAAAAAAAAAr; ppucnt=43
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAs; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAs; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
ppucnt=44; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=HEsYHEQTWaLXBJ5pLvMfoWrl4T-gULynFA2CaYbKDISnBNQhFNQFbbEZmYmMO1YqFSGj69kUm6-Eck_5qi6v7UNEJGjdtjFsbCFRVVjGqfMzL4WCfTyk-GfnsTFDSr62xcW3rxJMiY_ufBQMTsATtoMJWvjoiYT4LjR5YouA0_fy5VN0IrWu0Ode2xypmQTCkhq-nCnf-XJ39t5OYY8jNPHdHJ0-8WSqTT1J6hsO2Ftn69zAJ1PkV6oy9l69CtEumfRTJv3kwVSxeTlypHnhfCmv50kDNTmjgN-dUAiXLrT5zHgkwi1ndTJqHsMykpeglIZ7QU3D4tOEZEyZ-TDmVjf72I-KtQrHxRrDCoUT_79z5bbWYB0woRDnLncCa60P0cgVUB1a6PVUIx_zGyFu-wVIjYClh0PU5rWfNio9PbxB52cccUz6ZvZLpT77ntjHAjKPahPFvyBL8GgYeA3ksPM9_S_-hdvEZ3FUz5sAX_vZ5ySUs7JEWHpOTMGAta64yNU5Lb7vkfsYq5kr_oayHj0BTgl_lubE1wv3u0KXWTRRaxRkF4aGDPSTYoUYUXHO6CIDXSha7VKhVW_rwLwn7M4zxBDFu0wHawsrg_aNSNHgU2vzYxLZGJ7F_amlJDuZZJKYqnOpnUp4vnTQ1NKitJPzYLPFXPrLl6eH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5647fb8119045f9993a94cb5b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eff84c3a554c20912d9211c708e86842aba8871ac92affd6eb254bd157099102

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAs; OXPCLK=AAHg4AAAAAAAAAAs; ppucnt=44
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAs; OXPCLK=AAHg4AAAAAAAAAAs; ppucnt=44
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
993 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=kPYMtondLyJ7tMbSklE-IiPLLl077w6hsS6PHxZADpDtzKtWh1pSRF7aBLz1wBCjgyyWuzXQGIXVrkD6vQ18nmmx8DRkOpgsDjN9jWFevilhNfEUM320AQtquS2n5mJV0t5-mSAFnljtiMACR8dDSoxTRJs8s2MZjQQ3lrtalMe4wtzJi98f8Po_iQtV-fLVTyzW94wfoawYJmixSgfvgcF1-XQaum7rZxF_rX-Oc1fQVibSgswAXftbJAHlcE_C81-nvwWef68i9FxR7NLX4RSAAnEbR_MteQonDaDSBCdCQg8mGLN1KtwVE9Qp24YzPkajYYbdj9WRuckrlIU-oXc3wrZEAz7tTzQ9zXGlw4m0tPQMeAxFtl3PZ1q8_mSRukKlN3JY3B1_rc9PR0XsL5oOCe53ai6fo0-oRakHyUE192MQV-r42t0mDM6si7XaSpc3v_dP2_GCkyfb6LEvdgTBcXhTU6-dQp_to65FZt-8n5cJ0ckN804qglkaBfd434OPJ2_SzREffW77xm7l88mlkHmNxVtP_rR_nAC9ULaNlXK9bSOo0eLW5u0MhToI-MepWVOTELRxQ7qGK4aK1rZpW96EiAA20x5adOOR3kMf0ajA8njqoEVosXRSYb3d94q6PTu9wcwZZARaEA3NzatPpXQqgm5Vs-lN&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5ac08410b2ebd90105a451fb8f8340aaf98e687ba4a47f205aceb7a40a199fbc

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=kPYMtondLyJ7tMbSklE-IiPLLl077w6hsS6PHxZADpDtzKtWh1pSRF7aBLz1wBCjgyyWuzXQGIXVrkD6vQ18nmmx8DRkOpgsDjN9jWFevilhNfEUM320AQtquS2n5mJV0t5-mSAFnljtiMACR8dDSoxTRJs8s2MZjQQ3lrtalMe4wtzJi98f8Po_iQtV-fLVTyzW94wfoawYJmixSgfvgcF1-XQaum7rZxF_rX-Oc1fQVibSgswAXftbJAHlcE_C81-nvwWef68i9FxR7NLX4RSAAnEbR_MteQonDaDSBCdCQg8mGLN1KtwVE9Qp24YzPkajYYbdj9WRuckrlIU-oXc3wrZEAz7tTzQ9zXGlw4m0tPQMeAxFtl3PZ1q8_mSRukKlN3JY3B1_rc9PR0XsL5oOCe53ai6fo0-oRakHyUE192MQV-r42t0mDM6si7XaSpc3v_dP2_GCkyfb6LEvdgTBcXhTU6-dQp_to65FZt-8n5cJ0ckN804qglkaBfd434OPJ2_SzREffW77xm7l88mlkHmNxVtP_rR_nAC9ULaNlXK9bSOo0eLW5u0MhToI-MepWVOTELRxQ7qGK4aK1rZpW96EiAA20x5adOOR3kMf0ajA8njqoEVosXRSYb3d94q6PTu9wcwZZARaEA3NzatPpXQqgm5Vs-lN&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAs; OXPCLK=AAHg4AAAAAAAAAAs; ppucnt=44
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAt; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAt; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
ppucnt=45; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=kPYMtondLyJ7tMbSklE-IiPLLl077w6hsS6PHxZADpDtzKtWh1pSRF7aBLz1wBCjgyyWuzXQGIXVrkD6vQ18nmmx8DRkOpgsDjN9jWFevilhNfEUM320AQtquS2n5mJV0t5-mSAFnljtiMACR8dDSoxTRJs8s2MZjQQ3lrtalMe4wtzJi98f8Po_iQtV-fLVTyzW94wfoawYJmixSgfvgcF1-XQaum7rZxF_rX-Oc1fQVibSgswAXftbJAHlcE_C81-nvwWef68i9FxR7NLX4RSAAnEbR_MteQonDaDSBCdCQg8mGLN1KtwVE9Qp24YzPkajYYbdj9WRuckrlIU-oXc3wrZEAz7tTzQ9zXGlw4m0tPQMeAxFtl3PZ1q8_mSRukKlN3JY3B1_rc9PR0XsL5oOCe53ai6fo0-oRakHyUE192MQV-r42t0mDM6si7XaSpc3v_dP2_GCkyfb6LEvdgTBcXhTU6-dQp_to65FZt-8n5cJ0ckN804qglkaBfd434OPJ2_SzREffW77xm7l88mlkHmNxVtP_rR_nAC9ULaNlXK9bSOo0eLW5u0MhToI-MepWVOTELRxQ7qGK4aK1rZpW96EiAA20x5adOOR3kMf0ajA8njqoEVosXRSYb3d94q6PTu9wcwZZARaEA3NzatPpXQqgm5Vs-lN&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405825b08be021040a0bbfe14fccf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b0dc7d7a44004a890510418f3b336304705e5f22f9f3c715fd558f01b1eb410c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAt; OXPCLK=AAHg4AAAAAAAAAAt; ppucnt=45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAt; OXPCLK=AAHg4AAAAAAAAAAt; ppucnt=45
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=udOfNKLDbyR_a06p0K1U5atQjWWKKF10cnIsDjNzj1EUka3GHc8wZgzbyGvKVn2lY2jvF8-BdsDKdfftjBRjaMy6qdf0hB8pAg0faC1U4o3pn0EDEgjPn-hTa8AGLAhRhBHvGaaMRQcIo29wsAurpclt83bLlF8DO8X35QrR2OJsnZkAHxv5C1ZjTqNbLbq4_Tc7S6OO7QxvCXzdTGZRQLoUZ-s5-1rSapk0BioF4eP4L9yNAZcoPIS4lVUnsrRo3VoHMyI61hv9oORvhC8dZIJvF-EYFxl8eN6dfLysTFeP2yrNwt61OyziyGa6lPaWWjM2K6mozQ96_27Vp7Nfn7alyOWcId3sLpFhmBXQCCSefruhh6kpmfw7qHN1yBLCd9-GE3xBYdO-4NQLZM6UlIuW6yi9yvkwOsqqm4BVRnudZdn6ai2Pp0cRgFlR38AvuQvP7Gv-qF7nhFxSEhylHI79HC29icKkeWjbZP0SX2FWJJBqOvXUcOaoK5TYqISlz8cDIswA7RgufYSD7Q3pBqGs-yBJHtMnMqE7YHnzktV3eR6-Qcow6Kucc9vBMbUT5uiVQWjDyMqj1fc-mW-Sspn6ER-zbMGYXv1mHT5kdC2Hc-roxJqRwFHwW_AncanAgmJQ7qVoUVcvJ7ZaE_PvJeoB2MpNsYRYOgez&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
11cb4518453dc500c9d9ffbe736c6550cf582f4b17320d28f486ed432ddd97eb

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=udOfNKLDbyR_a06p0K1U5atQjWWKKF10cnIsDjNzj1EUka3GHc8wZgzbyGvKVn2lY2jvF8-BdsDKdfftjBRjaMy6qdf0hB8pAg0faC1U4o3pn0EDEgjPn-hTa8AGLAhRhBHvGaaMRQcIo29wsAurpclt83bLlF8DO8X35QrR2OJsnZkAHxv5C1ZjTqNbLbq4_Tc7S6OO7QxvCXzdTGZRQLoUZ-s5-1rSapk0BioF4eP4L9yNAZcoPIS4lVUnsrRo3VoHMyI61hv9oORvhC8dZIJvF-EYFxl8eN6dfLysTFeP2yrNwt61OyziyGa6lPaWWjM2K6mozQ96_27Vp7Nfn7alyOWcId3sLpFhmBXQCCSefruhh6kpmfw7qHN1yBLCd9-GE3xBYdO-4NQLZM6UlIuW6yi9yvkwOsqqm4BVRnudZdn6ai2Pp0cRgFlR38AvuQvP7Gv-qF7nhFxSEhylHI79HC29icKkeWjbZP0SX2FWJJBqOvXUcOaoK5TYqISlz8cDIswA7RgufYSD7Q3pBqGs-yBJHtMnMqE7YHnzktV3eR6-Qcow6Kucc9vBMbUT5uiVQWjDyMqj1fc-mW-Sspn6ER-zbMGYXv1mHT5kdC2Hc-roxJqRwFHwW_AncanAgmJQ7qVoUVcvJ7ZaE_PvJeoB2MpNsYRYOgez&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAt; OXPCLK=AAHg4AAAAAAAAAAt; ppucnt=45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAu; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
set-cookie
OXPCLK=AAHg4AAAAAAAAAAu; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
set-cookie
ppucnt=46; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=udOfNKLDbyR_a06p0K1U5atQjWWKKF10cnIsDjNzj1EUka3GHc8wZgzbyGvKVn2lY2jvF8-BdsDKdfftjBRjaMy6qdf0hB8pAg0faC1U4o3pn0EDEgjPn-hTa8AGLAhRhBHvGaaMRQcIo29wsAurpclt83bLlF8DO8X35QrR2OJsnZkAHxv5C1ZjTqNbLbq4_Tc7S6OO7QxvCXzdTGZRQLoUZ-s5-1rSapk0BioF4eP4L9yNAZcoPIS4lVUnsrRo3VoHMyI61hv9oORvhC8dZIJvF-EYFxl8eN6dfLysTFeP2yrNwt61OyziyGa6lPaWWjM2K6mozQ96_27Vp7Nfn7alyOWcId3sLpFhmBXQCCSefruhh6kpmfw7qHN1yBLCd9-GE3xBYdO-4NQLZM6UlIuW6yi9yvkwOsqqm4BVRnudZdn6ai2Pp0cRgFlR38AvuQvP7Gv-qF7nhFxSEhylHI79HC29icKkeWjbZP0SX2FWJJBqOvXUcOaoK5TYqISlz8cDIswA7RgufYSD7Q3pBqGs-yBJHtMnMqE7YHnzktV3eR6-Qcow6Kucc9vBMbUT5uiVQWjDyMqj1fc-mW-Sspn6ER-zbMGYXv1mHT5kdC2Hc-roxJqRwFHwW_AncanAgmJQ7qVoUVcvJ7ZaE_PvJeoB2MpNsYRYOgez&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eca1569bf3914598889593c2af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a101bc5e14b7ffb4aaceadeccf8dc7fc592acae5ff99ff18b715fa54c1b74767

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAu; OXPCLK=AAHg4AAAAAAAAAAu; ppucnt=46
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAu; OXPCLK=AAHg4AAAAAAAAAAu; ppucnt=46
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=xIFYv47lDQ2zE4_Ol68DTC1kalssbv2gSTiLlA_1VFLFSOt9Dh-J0O6geqm4vB0JZBN9EwNUbf4YkP8iGOgSrpYVnDPEMg5DSnadgrpGNDHs8syZscaNBsdzbnOn07Jcb7YOoZxgCpX2tS-CTRZE41Y6iEkCzkwEIrDrHBa1uDbUpAi4-jN4ajq27_UCxeiLuLwPH0skLdcp1qIpaMRFi5zLy0lEKE0Ppxx0N3NKmH8UnpJMDcXx_KC7FEkg_PoTGXkObNgQUl3eeVlRT3fqKb8VDWXwCYLnj03-jxtHURGoOiaB8Es6zmIYQdBNWM4bv3mvOd00vM5TGyVYvH6dVzEfGhPCl8S0pT3VgfixlVSTsZ9O6PfasdVFMOFh-jYFe1p4vrThoBnHLQn2EOPSEKTzk9eZ-F9cCQLgtaLiP1qVBYvIpM9BWIwoNPBs5SsxBbsZccvGrieorByZsrMs4RXIU6xwdk-UOUwRDi3IKIGKomls2vwFRiTC0RELqiGRd3lQ4BdBdiulblcdS552fHyED4SIdPHqsTBIiJJEZTv93Iy7KJbhNiLgm6mxjPxSp5bx5Ixq5R-Fotd49wPfTgsIVFMN54Xh9pOHSdMLOvSdtLoQI5e5L5udfoUgxXMxBX8SXOruHeYml9Xws4hr-iYvQP4CpCfWCEav&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5682185f1c93c4b75c2440c666fc23ff698bde267ff26e68b8bd815ec5ddb518

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=xIFYv47lDQ2zE4_Ol68DTC1kalssbv2gSTiLlA_1VFLFSOt9Dh-J0O6geqm4vB0JZBN9EwNUbf4YkP8iGOgSrpYVnDPEMg5DSnadgrpGNDHs8syZscaNBsdzbnOn07Jcb7YOoZxgCpX2tS-CTRZE41Y6iEkCzkwEIrDrHBa1uDbUpAi4-jN4ajq27_UCxeiLuLwPH0skLdcp1qIpaMRFi5zLy0lEKE0Ppxx0N3NKmH8UnpJMDcXx_KC7FEkg_PoTGXkObNgQUl3eeVlRT3fqKb8VDWXwCYLnj03-jxtHURGoOiaB8Es6zmIYQdBNWM4bv3mvOd00vM5TGyVYvH6dVzEfGhPCl8S0pT3VgfixlVSTsZ9O6PfasdVFMOFh-jYFe1p4vrThoBnHLQn2EOPSEKTzk9eZ-F9cCQLgtaLiP1qVBYvIpM9BWIwoNPBs5SsxBbsZccvGrieorByZsrMs4RXIU6xwdk-UOUwRDi3IKIGKomls2vwFRiTC0RELqiGRd3lQ4BdBdiulblcdS552fHyED4SIdPHqsTBIiJJEZTv93Iy7KJbhNiLgm6mxjPxSp5bx5Ixq5R-Fotd49wPfTgsIVFMN54Xh9pOHSdMLOvSdtLoQI5e5L5udfoUgxXMxBX8SXOruHeYml9Xws4hr-iYvQP4CpCfWCEav&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAu; OXPCLK=AAHg4AAAAAAAAAAu; ppucnt=46
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAv; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
set-cookie
OXPCLK=AAHg4AAAAAAAAAAv; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
set-cookie
ppucnt=47; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=xIFYv47lDQ2zE4_Ol68DTC1kalssbv2gSTiLlA_1VFLFSOt9Dh-J0O6geqm4vB0JZBN9EwNUbf4YkP8iGOgSrpYVnDPEMg5DSnadgrpGNDHs8syZscaNBsdzbnOn07Jcb7YOoZxgCpX2tS-CTRZE41Y6iEkCzkwEIrDrHBa1uDbUpAi4-jN4ajq27_UCxeiLuLwPH0skLdcp1qIpaMRFi5zLy0lEKE0Ppxx0N3NKmH8UnpJMDcXx_KC7FEkg_PoTGXkObNgQUl3eeVlRT3fqKb8VDWXwCYLnj03-jxtHURGoOiaB8Es6zmIYQdBNWM4bv3mvOd00vM5TGyVYvH6dVzEfGhPCl8S0pT3VgfixlVSTsZ9O6PfasdVFMOFh-jYFe1p4vrThoBnHLQn2EOPSEKTzk9eZ-F9cCQLgtaLiP1qVBYvIpM9BWIwoNPBs5SsxBbsZccvGrieorByZsrMs4RXIU6xwdk-UOUwRDi3IKIGKomls2vwFRiTC0RELqiGRd3lQ4BdBdiulblcdS552fHyED4SIdPHqsTBIiJJEZTv93Iy7KJbhNiLgm6mxjPxSp5bx5Ixq5R-Fotd49wPfTgsIVFMN54Xh9pOHSdMLOvSdtLoQI5e5L5udfoUgxXMxBX8SXOruHeYml9Xws4hr-iYvQP4CpCfWCEav&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:39 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050d3269f534af44acb899c3f957&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:39 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4aa6407d3d45b0f9f1d54176994b82bd84a16504653a23366d26afcdf513eacb

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAv; OXPCLK=AAHg4AAAAAAAAAAv; ppucnt=47
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAv; OXPCLK=AAHg4AAAAAAAAAAv; ppucnt=47
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=jtClr3nzwsumDnGITQ7_R9Nle4A-uAgrokRlrZkHcy3h_mcAghR5T3B6qAlbrL-ZxrxpzW4eRCpc_OrAeEHo35J5BKoaPoC9bGVuQ4pwHjJmDzyzU61H8Pqn_1k7p06nrhgwUWJj4S8qSdtgPiL0cPTKpcrEdFIEtMdAYGOCIIHHP0JQqq_QL1BQlClNqNTJtu2tQovTq-H70FTcaNNuvzQh0Age3O8Tj9qzB-we3QFpkfbsjZR6-PYrP5Iq4bYFKYEI0Z9QX0jICZAx4N7QlqSuwai8XP2QeveRk95YTvYqpaZOWZIkYxc2AYbf1xTBWtf4Y8u7zcy3u1_IL2Hs7A4q0Hz53sjH38L-bn0Hj7ETsNSG8DPzK6ithIARWT19q3wCUaWO3w5lsBitBFs7vJGiW26HM-x4r89SFhz2GiSEEYjJOvlZckNtNO-z92FLZsmAJ1zJO2UTlyen5HVOOLpkyf1_CFYm2zHwM14EkLbgIc6L6_EvntbtJ1OTIz2zBtCFSNfSLvDT-KBIWV54A9Ym6WnDRI2ddinvj4Fwf9EfTgRNO-kxnsGhMlU5CR-v_C6UtzufbOfbfz9VoabllBvcdq-oA-58bEdDRlfXbTkOS7ijLfSn4qPFuXGnQRv445VtyEef12ciXwolDhoSODLKu50ffX19zdIt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
42684dc7702fb497dffb05859b7682df0ba2bfb90ab22937ce1fab4055855e0c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=jtClr3nzwsumDnGITQ7_R9Nle4A-uAgrokRlrZkHcy3h_mcAghR5T3B6qAlbrL-ZxrxpzW4eRCpc_OrAeEHo35J5BKoaPoC9bGVuQ4pwHjJmDzyzU61H8Pqn_1k7p06nrhgwUWJj4S8qSdtgPiL0cPTKpcrEdFIEtMdAYGOCIIHHP0JQqq_QL1BQlClNqNTJtu2tQovTq-H70FTcaNNuvzQh0Age3O8Tj9qzB-we3QFpkfbsjZR6-PYrP5Iq4bYFKYEI0Z9QX0jICZAx4N7QlqSuwai8XP2QeveRk95YTvYqpaZOWZIkYxc2AYbf1xTBWtf4Y8u7zcy3u1_IL2Hs7A4q0Hz53sjH38L-bn0Hj7ETsNSG8DPzK6ithIARWT19q3wCUaWO3w5lsBitBFs7vJGiW26HM-x4r89SFhz2GiSEEYjJOvlZckNtNO-z92FLZsmAJ1zJO2UTlyen5HVOOLpkyf1_CFYm2zHwM14EkLbgIc6L6_EvntbtJ1OTIz2zBtCFSNfSLvDT-KBIWV54A9Ym6WnDRI2ddinvj4Fwf9EfTgRNO-kxnsGhMlU5CR-v_C6UtzufbOfbfz9VoabllBvcdq-oA-58bEdDRlfXbTkOS7ijLfSn4qPFuXGnQRv445VtyEef12ciXwolDhoSODLKu50ffX19zdIt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAv; OXPCLK=AAHg4AAAAAAAAAAv; ppucnt=47
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAw; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure OXPCLK=AAHg4AAAAAAAAAAw; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure ppucnt=48; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:39 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=e3e839aa4871bb555525f3b5b6d4decc1631480739&psp=jtClr3nzwsumDnGITQ7_R9Nle4A-uAgrokRlrZkHcy3h_mcAghR5T3B6qAlbrL-ZxrxpzW4eRCpc_OrAeEHo35J5BKoaPoC9bGVuQ4pwHjJmDzyzU61H8Pqn_1k7p06nrhgwUWJj4S8qSdtgPiL0cPTKpcrEdFIEtMdAYGOCIIHHP0JQqq_QL1BQlClNqNTJtu2tQovTq-H70FTcaNNuvzQh0Age3O8Tj9qzB-we3QFpkfbsjZR6-PYrP5Iq4bYFKYEI0Z9QX0jICZAx4N7QlqSuwai8XP2QeveRk95YTvYqpaZOWZIkYxc2AYbf1xTBWtf4Y8u7zcy3u1_IL2Hs7A4q0Hz53sjH38L-bn0Hj7ETsNSG8DPzK6ithIARWT19q3wCUaWO3w5lsBitBFs7vJGiW26HM-x4r89SFhz2GiSEEYjJOvlZckNtNO-z92FLZsmAJ1zJO2UTlyen5HVOOLpkyf1_CFYm2zHwM14EkLbgIc6L6_EvntbtJ1OTIz2zBtCFSNfSLvDT-KBIWV54A9Ym6WnDRI2ddinvj4Fwf9EfTgRNO-kxnsGhMlU5CR-v_C6UtzufbOfbfz9VoabllBvcdq-oA-58bEdDRlfXbTkOS7ijLfSn4qPFuXGnQRv445VtyEef12ciXwolDhoSODLKu50ffX19zdIt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140585f3119cc0764235be3e8edfd5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f826c20438c20a7f8ba6b98ccd8ea048ae114b3db202e8d2e3a7f9530b46f8b4

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAw; OXPCLK=AAHg4AAAAAAAAAAw; ppucnt=48
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAw; OXPCLK=AAHg4AAAAAAAAAAw; ppucnt=48
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=gYHW9WjxLFrdD9jFJFMAXnkCAkzu8Z8W4VzlZS0tAxBwUtFj9tNuqU9l6vn44P1YMoGiv8dVVSfVFWZl42XDIccr2K6O0pJApbkov7ZRWRA0U06YFuLhZ4wSBpNX0nthpmBj2RkIq-1MXL8iLMpiATz_PTXk1oteSxbIlV14BLAcTqHuj9DDcFgFSdWDqHrzr8jQVqWhkBoy9l7tmPCzUvMwpjaoarXlfm1HWnaqUtSva-qHLDXr7_vZzJfna_JWEcqWryWFJf1eFGa7_EySVO99hrAENHby3qv5LflvyUlZinTp6P8ryv5WD6czRj-6gPegFHmEB3xiutZ5xfg9e_Rr3hOChGnETH66qrqMIseMklDt4WieYKYbW51AL9XzeLTagh-ArA72x5SrGUCkCcKVEGyMxvwZ_R752TfA4npezlFzuDoorRgjxLgN5EqztNJZ8zFDBsrfJ79WL5YyTDgD-QUuyzVjyfGIEVc1k2LmDZTtpjiXqzTnFKyrRREHnfHkaabJikDX5hplLL_159ovEm6GOqMXqaCQQMe50vuh2EWeOROB32xaPbZ6hOX62sPQjoEPmIfveESThSehguPFJVQHLB8LYXz5vNqkbGzcxKRO60wgnNRyZaBWG0m0hTfh2Jjn33r0dAR5tlyU5pCOhZUMeD2D929S&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2e3e33add77b041d2e33b562374d1285bab805362f3f6bfc76b4db3d0c69b7d3

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=gYHW9WjxLFrdD9jFJFMAXnkCAkzu8Z8W4VzlZS0tAxBwUtFj9tNuqU9l6vn44P1YMoGiv8dVVSfVFWZl42XDIccr2K6O0pJApbkov7ZRWRA0U06YFuLhZ4wSBpNX0nthpmBj2RkIq-1MXL8iLMpiATz_PTXk1oteSxbIlV14BLAcTqHuj9DDcFgFSdWDqHrzr8jQVqWhkBoy9l7tmPCzUvMwpjaoarXlfm1HWnaqUtSva-qHLDXr7_vZzJfna_JWEcqWryWFJf1eFGa7_EySVO99hrAENHby3qv5LflvyUlZinTp6P8ryv5WD6czRj-6gPegFHmEB3xiutZ5xfg9e_Rr3hOChGnETH66qrqMIseMklDt4WieYKYbW51AL9XzeLTagh-ArA72x5SrGUCkCcKVEGyMxvwZ_R752TfA4npezlFzuDoorRgjxLgN5EqztNJZ8zFDBsrfJ79WL5YyTDgD-QUuyzVjyfGIEVc1k2LmDZTtpjiXqzTnFKyrRREHnfHkaabJikDX5hplLL_159ovEm6GOqMXqaCQQMe50vuh2EWeOROB32xaPbZ6hOX62sPQjoEPmIfveESThSehguPFJVQHLB8LYXz5vNqkbGzcxKRO60wgnNRyZaBWG0m0hTfh2Jjn33r0dAR5tlyU5pCOhZUMeD2D929S&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAw; OXPCLK=AAHg4AAAAAAAAAAw; ppucnt=48
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAx; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAx; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
ppucnt=49; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=gYHW9WjxLFrdD9jFJFMAXnkCAkzu8Z8W4VzlZS0tAxBwUtFj9tNuqU9l6vn44P1YMoGiv8dVVSfVFWZl42XDIccr2K6O0pJApbkov7ZRWRA0U06YFuLhZ4wSBpNX0nthpmBj2RkIq-1MXL8iLMpiATz_PTXk1oteSxbIlV14BLAcTqHuj9DDcFgFSdWDqHrzr8jQVqWhkBoy9l7tmPCzUvMwpjaoarXlfm1HWnaqUtSva-qHLDXr7_vZzJfna_JWEcqWryWFJf1eFGa7_EySVO99hrAENHby3qv5LflvyUlZinTp6P8ryv5WD6czRj-6gPegFHmEB3xiutZ5xfg9e_Rr3hOChGnETH66qrqMIseMklDt4WieYKYbW51AL9XzeLTagh-ArA72x5SrGUCkCcKVEGyMxvwZ_R752TfA4npezlFzuDoorRgjxLgN5EqztNJZ8zFDBsrfJ79WL5YyTDgD-QUuyzVjyfGIEVc1k2LmDZTtpjiXqzTnFKyrRREHnfHkaabJikDX5hplLL_159ovEm6GOqMXqaCQQMe50vuh2EWeOROB32xaPbZ6hOX62sPQjoEPmIfveESThSehguPFJVQHLB8LYXz5vNqkbGzcxKRO60wgnNRyZaBWG0m0hTfh2Jjn33r0dAR5tlyU5pCOhZUMeD2D929S&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b829ee64c3944725adbf8e0f41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f81bda1efa50ae17098f3ff2190bbd48d6c782513730f8f207676ef1e381b1e6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAx; OXPCLK=AAHg4AAAAAAAAAAx; ppucnt=49
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAx; OXPCLK=AAHg4AAAAAAAAAAx; ppucnt=49
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=p9FpqaH1jLTDFJ8gCjuY9-9Ct5J5uxQKwWmH1btPdTj_Ch-SDAuZfoRenfFkooJsY9xOMtzkt44F7KgSLS8dsYeORNPPizbhC0kWjaEG1-c5n-FCQVVs2QP7hjyFVvAS9tvdWNOqhbNmPhfUticXxwNuxHwgq4OGreY4FYdLgZT3pZYwG7lu3FIjVv81lar0R_3lrrUOqzzjvDg6Rhu2o6Kc2kQfHCGdVZeiJfSnEsdbrbNmeYPvVtBOtiT7t0wMt7mXQQOLojt7piVDLl-8txsLTKH9zqxjuuyFbz1Gb9lgHqR6CiYtEoqLYuQbsDviuu3NzV6ktS8CrbVXuzEaxnYxSuww2kznzpmZmI7BSkV2hz3TtRasAn25t5XRGn2uAFXpJvY5kx-AuAyvcxqw7JGkBJZ_6y43puRlTGJQd9H0VCBsSBbVQsAAyo1yfTgiMP82ySxekO-ZjVF8b-yiYTRS3fjAMMxa27vgvUGVpW6fMoLn8bcbbhGKAD2v0jKN6LJ0xr6EaYF6P6-H5c6xwdrmPXGNq56RqNnp_s3bJkfDnGQoWVlWd1ZDReoKeSOm68-ZrNqBevmsHUHpqdbn2a8QnUXbC_ZuN1jLvonfMNI5iLBg6K4bBhhGUv8us5xT9qTrMZnOfKcFF7AAKWBFSCBSl0qKOyR_YV3D&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6d122d9358dfbf2e49f1a137def0c48b6d9747299cca2cb4ccd91062cc62a364

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=p9FpqaH1jLTDFJ8gCjuY9-9Ct5J5uxQKwWmH1btPdTj_Ch-SDAuZfoRenfFkooJsY9xOMtzkt44F7KgSLS8dsYeORNPPizbhC0kWjaEG1-c5n-FCQVVs2QP7hjyFVvAS9tvdWNOqhbNmPhfUticXxwNuxHwgq4OGreY4FYdLgZT3pZYwG7lu3FIjVv81lar0R_3lrrUOqzzjvDg6Rhu2o6Kc2kQfHCGdVZeiJfSnEsdbrbNmeYPvVtBOtiT7t0wMt7mXQQOLojt7piVDLl-8txsLTKH9zqxjuuyFbz1Gb9lgHqR6CiYtEoqLYuQbsDviuu3NzV6ktS8CrbVXuzEaxnYxSuww2kznzpmZmI7BSkV2hz3TtRasAn25t5XRGn2uAFXpJvY5kx-AuAyvcxqw7JGkBJZ_6y43puRlTGJQd9H0VCBsSBbVQsAAyo1yfTgiMP82ySxekO-ZjVF8b-yiYTRS3fjAMMxa27vgvUGVpW6fMoLn8bcbbhGKAD2v0jKN6LJ0xr6EaYF6P6-H5c6xwdrmPXGNq56RqNnp_s3bJkfDnGQoWVlWd1ZDReoKeSOm68-ZrNqBevmsHUHpqdbn2a8QnUXbC_ZuN1jLvonfMNI5iLBg6K4bBhhGUv8us5xT9qTrMZnOfKcFF7AAKWBFSCBSl0qKOyR_YV3D&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAx; OXPCLK=AAHg4AAAAAAAAAAx; ppucnt=49
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAy; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAy; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
ppucnt=50; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140582b37ec625f641879e64f09f2d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=p9FpqaH1jLTDFJ8gCjuY9-9Ct5J5uxQKwWmH1btPdTj_Ch-SDAuZfoRenfFkooJsY9xOMtzkt44F7KgSLS8dsYeORNPPizbhC0kWjaEG1-c5n-FCQVVs2QP7hjyFVvAS9tvdWNOqhbNmPhfUticXxwNuxHwgq4OGreY4FYdLgZT3pZYwG7lu3FIjVv81lar0R_3lrrUOqzzjvDg6Rhu2o6Kc2kQfHCGdVZeiJfSnEsdbrbNmeYPvVtBOtiT7t0wMt7mXQQOLojt7piVDLl-8txsLTKH9zqxjuuyFbz1Gb9lgHqR6CiYtEoqLYuQbsDviuu3NzV6ktS8CrbVXuzEaxnYxSuww2kznzpmZmI7BSkV2hz3TtRasAn25t5XRGn2uAFXpJvY5kx-AuAyvcxqw7JGkBJZ_6y43puRlTGJQd9H0VCBsSBbVQsAAyo1yfTgiMP82ySxekO-ZjVF8b-yiYTRS3fjAMMxa27vgvUGVpW6fMoLn8bcbbhGKAD2v0jKN6LJ0xr6EaYF6P6-H5c6xwdrmPXGNq56RqNnp_s3bJkfDnGQoWVlWd1ZDReoKeSOm68-ZrNqBevmsHUHpqdbn2a8QnUXbC_ZuN1jLvonfMNI5iLBg6K4bBhhGUv8us5xT9qTrMZnOfKcFF7AAKWBFSCBSl0qKOyR_YV3D&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140582b37ec625f641879e64f09f2d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140582b37ec625f641879e64f09f2d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140582b37ec625f641879e64f09f2d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon3.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon4.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon5.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon7.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

icon8.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5a1d57e98702129644921ededc791f24625329462d7e20f64d18fbff9a11ca53

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAy; OXPCLK=AAHg4AAAAAAAAAAy; ppucnt=50
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAy; OXPCLK=AAHg4AAAAAAAAAAy; ppucnt=50
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=Jpyzja4HU_d3w5PhJD0pPuJQ4yBswRdYSryVZRtCk90lBmeOggs9I3s_LqjjVeDokMqotxRljlr-uzpfkH9qdv7mTKK5Quw728iNhwoUoiImAqejctBLSX6fnE2NJKnvjalj068j0EdmG1f_QvysXTdBLTmZUPZtWgEDtlvpKGqNK7tuFk03zli0Wg_We3m8Kwa4ErY1LrfHWygVlURseHDEYk8r7K-tC6-ERcQsR7A3JWqJGDP5JIkOyIjaQzhqiGr3HDU7hHLYb0XqeGYTdVRDN6tJN6AlTf7a-nJ_tS6klMjE-yUqVwn15FDBuZG8fyRaU-8H0BL_eom4BGymZgni_s59kRY7DlyVmsCoA6-IcbgjnYIPPLr_ysWAnhSZQAhTVamVBD0pI9Ud8u7iojeFd3daGbAcM97P_jK2VFeWV1rYF6xwr02BXGXRGlNZ1_0JE0er0qB7i0Bp5dgT1h7k3m2QRBWaZOaQA9hCZs7Z72gmHzjzGelO4wU23jEnGpE6ce50G6Odl1pvVkcq4qFpjY3VXlzk84G9Qx4k0c5hW3wLQnwGd77rTkKanpGehscqQQtIgVbkqd_nfJWelFnd_QmzjRoiKxeFglCqGW7MMkNIyjFmh5xV200sknQyfVUEiF-LvjkMCmR7bzp9oUR5cekorwXettI7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3740bd8f62524fb083f58a179b012227b1bec3772da59f24e07dd2598656ad1f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=Jpyzja4HU_d3w5PhJD0pPuJQ4yBswRdYSryVZRtCk90lBmeOggs9I3s_LqjjVeDokMqotxRljlr-uzpfkH9qdv7mTKK5Quw728iNhwoUoiImAqejctBLSX6fnE2NJKnvjalj068j0EdmG1f_QvysXTdBLTmZUPZtWgEDtlvpKGqNK7tuFk03zli0Wg_We3m8Kwa4ErY1LrfHWygVlURseHDEYk8r7K-tC6-ERcQsR7A3JWqJGDP5JIkOyIjaQzhqiGr3HDU7hHLYb0XqeGYTdVRDN6tJN6AlTf7a-nJ_tS6klMjE-yUqVwn15FDBuZG8fyRaU-8H0BL_eom4BGymZgni_s59kRY7DlyVmsCoA6-IcbgjnYIPPLr_ysWAnhSZQAhTVamVBD0pI9Ud8u7iojeFd3daGbAcM97P_jK2VFeWV1rYF6xwr02BXGXRGlNZ1_0JE0er0qB7i0Bp5dgT1h7k3m2QRBWaZOaQA9hCZs7Z72gmHzjzGelO4wU23jEnGpE6ce50G6Odl1pvVkcq4qFpjY3VXlzk84G9Qx4k0c5hW3wLQnwGd77rTkKanpGehscqQQtIgVbkqd_nfJWelFnd_QmzjRoiKxeFglCqGW7MMkNIyjFmh5xV200sknQyfVUEiF-LvjkMCmR7bzp9oUR5cekorwXettI7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAy; OXPCLK=AAHg4AAAAAAAAAAy; ppucnt=50
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAAz; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAAz; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
ppucnt=51; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:40 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfd77fa0c0f8f8eea361139afe078e201631480740&psp=Jpyzja4HU_d3w5PhJD0pPuJQ4yBswRdYSryVZRtCk90lBmeOggs9I3s_LqjjVeDokMqotxRljlr-uzpfkH9qdv7mTKK5Quw728iNhwoUoiImAqejctBLSX6fnE2NJKnvjalj068j0EdmG1f_QvysXTdBLTmZUPZtWgEDtlvpKGqNK7tuFk03zli0Wg_We3m8Kwa4ErY1LrfHWygVlURseHDEYk8r7K-tC6-ERcQsR7A3JWqJGDP5JIkOyIjaQzhqiGr3HDU7hHLYb0XqeGYTdVRDN6tJN6AlTf7a-nJ_tS6klMjE-yUqVwn15FDBuZG8fyRaU-8H0BL_eom4BGymZgni_s59kRY7DlyVmsCoA6-IcbgjnYIPPLr_ysWAnhSZQAhTVamVBD0pI9Ud8u7iojeFd3daGbAcM97P_jK2VFeWV1rYF6xwr02BXGXRGlNZ1_0JE0er0qB7i0Bp5dgT1h7k3m2QRBWaZOaQA9hCZs7Z72gmHzjzGelO4wU23jEnGpE6ce50G6Odl1pvVkcq4qFpjY3VXlzk84G9Qx4k0c5hW3wLQnwGd77rTkKanpGehscqQQtIgVbkqd_nfJWelFnd_QmzjRoiKxeFglCqGW7MMkNIyjFmh5xV200sknQyfVUEiF-LvjkMCmR7bzp9oUR5cekorwXettI7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:40 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:40 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:40 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058e5cc47a504f4f43887ccec34c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5381cdbfab10576d5a4752e2a9658530e1f7f11f63fff14c5c4d6a25d48ed9d8

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAz; OXPCLK=AAHg4AAAAAAAAAAz; ppucnt=51
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAz; OXPCLK=AAHg4AAAAAAAAAAz; ppucnt=51
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=f1j7EEq9H-bHTtpUbJ9DbKpZONK3fbd2941dZCc2SY_DFZwm0McstLD3vWwrqo7ox_7R_aKCzbWtQY0cGp3q9Bp_kpjblOJINKhpXgaEHi0rl6YMwhsBdSmnYEmVJXu5MiScwVJ8s7PYu7BPm9OJFp5Nxny_GChYXTF1LuhorBzE1rrSE3DMCoWC0HIv_aFYvr8Q0o6riax3LdamP22TmQkPd58NEl98Ou5v8J77HhUes8i25ltiL8-AGx5_b-NTgF1vGXYgfPhk0jJO1IqkEjLAGEUxg8VQLpwV_p4s5fsh0TtjTTVs-icCJoSrUANvzfWpgvJHlMV20HO8MYDeQ_vWjxCJKOduyMOiQ8ETF3kt1jAZHHVz13lWBY6JpEVK0laC1LJpRvKyHUTeW4Ky5ECPH8MFsmbdaSqUunLT7nr-Rm6XGyKtSStEVACy0ZuenvdLt74DlEXaB0LMl5nTaOISNRSmh5XdqWfFnRWAhCt9VP7IkbIEyRkmm2Z8fIu_achBczje5eOe-Fk_R5bIn5r4Twj9842MmbhUr9LZ-WVgJq9lWQtnxZaCXkWR3vLnQN2roNLAy4Ji4G_i_KktVFW5fk3W_uQj7LPgi9FuWZpMD5fimNze0BonnJ2WvKhlicuj-HK-v2nW-O3nRcJn-MF5lH_FTrWdZG4Y&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
37262dc28deab1ccf5c358cc8ac423e74ad285b7ba2357a8d568972b4a5b653a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=f1j7EEq9H-bHTtpUbJ9DbKpZONK3fbd2941dZCc2SY_DFZwm0McstLD3vWwrqo7ox_7R_aKCzbWtQY0cGp3q9Bp_kpjblOJINKhpXgaEHi0rl6YMwhsBdSmnYEmVJXu5MiScwVJ8s7PYu7BPm9OJFp5Nxny_GChYXTF1LuhorBzE1rrSE3DMCoWC0HIv_aFYvr8Q0o6riax3LdamP22TmQkPd58NEl98Ou5v8J77HhUes8i25ltiL8-AGx5_b-NTgF1vGXYgfPhk0jJO1IqkEjLAGEUxg8VQLpwV_p4s5fsh0TtjTTVs-icCJoSrUANvzfWpgvJHlMV20HO8MYDeQ_vWjxCJKOduyMOiQ8ETF3kt1jAZHHVz13lWBY6JpEVK0laC1LJpRvKyHUTeW4Ky5ECPH8MFsmbdaSqUunLT7nr-Rm6XGyKtSStEVACy0ZuenvdLt74DlEXaB0LMl5nTaOISNRSmh5XdqWfFnRWAhCt9VP7IkbIEyRkmm2Z8fIu_achBczje5eOe-Fk_R5bIn5r4Twj9842MmbhUr9LZ-WVgJq9lWQtnxZaCXkWR3vLnQN2roNLAy4Ji4G_i_KktVFW5fk3W_uQj7LPgi9FuWZpMD5fimNze0BonnJ2WvKhlicuj-HK-v2nW-O3nRcJn-MF5lH_FTrWdZG4Y&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAAz; OXPCLK=AAHg4AAAAAAAAAAz; ppucnt=51
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA0; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA0; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=52; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=f1j7EEq9H-bHTtpUbJ9DbKpZONK3fbd2941dZCc2SY_DFZwm0McstLD3vWwrqo7ox_7R_aKCzbWtQY0cGp3q9Bp_kpjblOJINKhpXgaEHi0rl6YMwhsBdSmnYEmVJXu5MiScwVJ8s7PYu7BPm9OJFp5Nxny_GChYXTF1LuhorBzE1rrSE3DMCoWC0HIv_aFYvr8Q0o6riax3LdamP22TmQkPd58NEl98Ou5v8J77HhUes8i25ltiL8-AGx5_b-NTgF1vGXYgfPhk0jJO1IqkEjLAGEUxg8VQLpwV_p4s5fsh0TtjTTVs-icCJoSrUANvzfWpgvJHlMV20HO8MYDeQ_vWjxCJKOduyMOiQ8ETF3kt1jAZHHVz13lWBY6JpEVK0laC1LJpRvKyHUTeW4Ky5ECPH8MFsmbdaSqUunLT7nr-Rm6XGyKtSStEVACy0ZuenvdLt74DlEXaB0LMl5nTaOISNRSmh5XdqWfFnRWAhCt9VP7IkbIEyRkmm2Z8fIu_achBczje5eOe-Fk_R5bIn5r4Twj9842MmbhUr9LZ-WVgJq9lWQtnxZaCXkWR3vLnQN2roNLAy4Ji4G_i_KktVFW5fk3W_uQj7LPgi9FuWZpMD5fimNze0BonnJ2WvKhlicuj-HK-v2nW-O3nRcJn-MF5lH_FTrWdZG4Y&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7ea9faea74442bbbb8d10f950&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
77c414acc30edde3031d3bc71edbce2c4e974ced9efdb1ad487f837882645518

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA0; OXPCLK=AAHg4AAAAAAAAAA0; ppucnt=52
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA0; OXPCLK=AAHg4AAAAAAAAAA0; ppucnt=52
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=ecMxs6Iq3n30PvbHBiy5PoRamDfuk-8np-Kwn5n-1oFs5Uwzr24rup4pS_L6WKBqRsPQPJFKBE44mXmNSXta7SUkPra_2hrQbkkUsyHW49OMTGlphw_nvmh6s49uGNyUZ32TjHnZevbpWVVIXVCPiT3NGEslKMmkxs8_UFMJonHyiBKu0kzMcTHCBhWLXTtLp8s3f6FZ0KNbS6X6jTCEQle0pl9zkr4rwlWk1h8t7o3NwAd51TALX6nqvGl_VjGdRSFmyzrqeiRZe2jX5vMeB4ySXYiKdBXvLHkoigd8vGVyU0OcDm9XP2PAlhyMXho0pJHroZwWDVrbfvEXY_2czn6a69lvxx-IlHgR-c1SolDLugaFeCCBje_xNOO54ZXBqhoTfjYGpzMz1Oq666Go8QSnrurc09XeL-FM6NeUag6myWkFtRyf3mMWV4VFopVTixPHwOUIGHnQ6qZHXQkTJ28ixmR3ffWJ9v55SIxBH_aefm_Yj47ehv9bBlsD6NDWmNhzclFYXZem6K2sTuONu2QUQcmcKdOHHlVzORYyrdVCEX0K8r8TWSjc5eLDwceRT7VNJMvyfqC4NJBw7zPYS44xC8wyfrpwXVgqCxWMH5myTTUn3v02QsoWyVknpmCBKz7pC0mxIw4u4SfcoLd18AGrDy2k--F5jZhP&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
32f4963b4e59e87585643fae50d1c0d2202ea3b22c05f9e7c0b07e078c7ef4ac

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=ecMxs6Iq3n30PvbHBiy5PoRamDfuk-8np-Kwn5n-1oFs5Uwzr24rup4pS_L6WKBqRsPQPJFKBE44mXmNSXta7SUkPra_2hrQbkkUsyHW49OMTGlphw_nvmh6s49uGNyUZ32TjHnZevbpWVVIXVCPiT3NGEslKMmkxs8_UFMJonHyiBKu0kzMcTHCBhWLXTtLp8s3f6FZ0KNbS6X6jTCEQle0pl9zkr4rwlWk1h8t7o3NwAd51TALX6nqvGl_VjGdRSFmyzrqeiRZe2jX5vMeB4ySXYiKdBXvLHkoigd8vGVyU0OcDm9XP2PAlhyMXho0pJHroZwWDVrbfvEXY_2czn6a69lvxx-IlHgR-c1SolDLugaFeCCBje_xNOO54ZXBqhoTfjYGpzMz1Oq666Go8QSnrurc09XeL-FM6NeUag6myWkFtRyf3mMWV4VFopVTixPHwOUIGHnQ6qZHXQkTJ28ixmR3ffWJ9v55SIxBH_aefm_Yj47ehv9bBlsD6NDWmNhzclFYXZem6K2sTuONu2QUQcmcKdOHHlVzORYyrdVCEX0K8r8TWSjc5eLDwceRT7VNJMvyfqC4NJBw7zPYS44xC8wyfrpwXVgqCxWMH5myTTUn3v02QsoWyVknpmCBKz7pC0mxIw4u4SfcoLd18AGrDy2k--F5jZhP&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA0; OXPCLK=AAHg4AAAAAAAAAA0; ppucnt=52
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA1; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA1; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=53; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=ecMxs6Iq3n30PvbHBiy5PoRamDfuk-8np-Kwn5n-1oFs5Uwzr24rup4pS_L6WKBqRsPQPJFKBE44mXmNSXta7SUkPra_2hrQbkkUsyHW49OMTGlphw_nvmh6s49uGNyUZ32TjHnZevbpWVVIXVCPiT3NGEslKMmkxs8_UFMJonHyiBKu0kzMcTHCBhWLXTtLp8s3f6FZ0KNbS6X6jTCEQle0pl9zkr4rwlWk1h8t7o3NwAd51TALX6nqvGl_VjGdRSFmyzrqeiRZe2jX5vMeB4ySXYiKdBXvLHkoigd8vGVyU0OcDm9XP2PAlhyMXho0pJHroZwWDVrbfvEXY_2czn6a69lvxx-IlHgR-c1SolDLugaFeCCBje_xNOO54ZXBqhoTfjYGpzMz1Oq666Go8QSnrurc09XeL-FM6NeUag6myWkFtRyf3mMWV4VFopVTixPHwOUIGHnQ6qZHXQkTJ28ixmR3ffWJ9v55SIxBH_aefm_Yj47ehv9bBlsD6NDWmNhzclFYXZem6K2sTuONu2QUQcmcKdOHHlVzORYyrdVCEX0K8r8TWSjc5eLDwceRT7VNJMvyfqC4NJBw7zPYS44xC8wyfrpwXVgqCxWMH5myTTUn3v02QsoWyVknpmCBKz7pC0mxIw4u4SfcoLd18AGrDy2k--F5jZhP&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057cf128b07c7c41288cde4dfe24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e23694e3ef862a83ba4398a163cc500d2a0f770747a3121d713405e11cee7264

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA1; OXPCLK=AAHg4AAAAAAAAAA1; ppucnt=53
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA1; OXPCLK=AAHg4AAAAAAAAAA1; ppucnt=53
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=QZGs0sMmh6CDpi3Wpcnv8FvNcQxEvEkPc2cPp_YHJNWUQ62rdfJkEMOk8qZbQJu7qFxYcBdT1kDEB8WFzrJ6WdHOup_txBXlega4hT94n-OancUUolb-mw8nLmzEUN0Mgsej8DPzS1qtSSrpIAR1rNBsLihPhv13tnT8Bi3wXOAeEhqU74U402zqi2sL4Kxr_HFOwPMWLCH1K7UdhPY5rycoPzXtohiwXYIp43RrZ4pYFQfo15l-k3jyQLGrqWUEh226u4AJ8B5M81gbz8XptNtE2mnsGAUddJFVcxGt-dE26Q6JwW50QMZCfyU4aUm5Nfwx55C9u8ZPwfCy4V2jmfOn0wpXh14Td8fHPP0XCLLodwML3sqF2je9KdosfwOoOsF4nlJrGz95eKYMJjOmZMhDFtr9YN9KULhkVkxQ3HVuTYYT2XxpLuWyUiO8xTALWwZB6voAjez0yWOdcoBJuPCW1vIJntMPeJaX2Kuy9RV71AOKDW3MuBKkp3I6LzJ9-2n3S-s5hEpVGkcXD3Z02QazpgKBFnFaLZRnyWfywUkkXrrMw6XoVbbEfPRfEZz1BEVy7lHCWyy1ML3hIgUdojUVGOS-RZSooazHjG2aTEJgkJ7oCr7k57s1leq5EttbNtjD2u0ioGNIAjy4w56evFNmmmvxxFf8uSfa&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d028a46ce9a3cf40fc7b239a2157be6b90df87430f8c1f1673ace9e443338472

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=QZGs0sMmh6CDpi3Wpcnv8FvNcQxEvEkPc2cPp_YHJNWUQ62rdfJkEMOk8qZbQJu7qFxYcBdT1kDEB8WFzrJ6WdHOup_txBXlega4hT94n-OancUUolb-mw8nLmzEUN0Mgsej8DPzS1qtSSrpIAR1rNBsLihPhv13tnT8Bi3wXOAeEhqU74U402zqi2sL4Kxr_HFOwPMWLCH1K7UdhPY5rycoPzXtohiwXYIp43RrZ4pYFQfo15l-k3jyQLGrqWUEh226u4AJ8B5M81gbz8XptNtE2mnsGAUddJFVcxGt-dE26Q6JwW50QMZCfyU4aUm5Nfwx55C9u8ZPwfCy4V2jmfOn0wpXh14Td8fHPP0XCLLodwML3sqF2je9KdosfwOoOsF4nlJrGz95eKYMJjOmZMhDFtr9YN9KULhkVkxQ3HVuTYYT2XxpLuWyUiO8xTALWwZB6voAjez0yWOdcoBJuPCW1vIJntMPeJaX2Kuy9RV71AOKDW3MuBKkp3I6LzJ9-2n3S-s5hEpVGkcXD3Z02QazpgKBFnFaLZRnyWfywUkkXrrMw6XoVbbEfPRfEZz1BEVy7lHCWyy1ML3hIgUdojUVGOS-RZSooazHjG2aTEJgkJ7oCr7k57s1leq5EttbNtjD2u0ioGNIAjy4w56evFNmmmvxxFf8uSfa&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA1; OXPCLK=AAHg4AAAAAAAAAA1; ppucnt=53
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA2; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA2; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=54; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=QZGs0sMmh6CDpi3Wpcnv8FvNcQxEvEkPc2cPp_YHJNWUQ62rdfJkEMOk8qZbQJu7qFxYcBdT1kDEB8WFzrJ6WdHOup_txBXlega4hT94n-OancUUolb-mw8nLmzEUN0Mgsej8DPzS1qtSSrpIAR1rNBsLihPhv13tnT8Bi3wXOAeEhqU74U402zqi2sL4Kxr_HFOwPMWLCH1K7UdhPY5rycoPzXtohiwXYIp43RrZ4pYFQfo15l-k3jyQLGrqWUEh226u4AJ8B5M81gbz8XptNtE2mnsGAUddJFVcxGt-dE26Q6JwW50QMZCfyU4aUm5Nfwx55C9u8ZPwfCy4V2jmfOn0wpXh14Td8fHPP0XCLLodwML3sqF2je9KdosfwOoOsF4nlJrGz95eKYMJjOmZMhDFtr9YN9KULhkVkxQ3HVuTYYT2XxpLuWyUiO8xTALWwZB6voAjez0yWOdcoBJuPCW1vIJntMPeJaX2Kuy9RV71AOKDW3MuBKkp3I6LzJ9-2n3S-s5hEpVGkcXD3Z02QazpgKBFnFaLZRnyWfywUkkXrrMw6XoVbbEfPRfEZz1BEVy7lHCWyy1ML3hIgUdojUVGOS-RZSooazHjG2aTEJgkJ7oCr7k57s1leq5EttbNtjD2u0ioGNIAjy4w56evFNmmmvxxFf8uSfa&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dfe62d5380004482910053cbfd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
698270f2c7705a5bdb97a9781e0b055ff183890125bb58a6477bdd5620104002

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA2; OXPCLK=AAHg4AAAAAAAAAA2; ppucnt=54
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA2; OXPCLK=AAHg4AAAAAAAAAA2; ppucnt=54
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=oO-ihj83gDhtE8PoEnANHqrkdyGYarBgaUJ5ejqCQJWGVipFAQDf08xzYU84zwb1CJDT09XjYtbb2Rl_kqHKL4NFXdxPmmc75CVPxwVH8Gk_A_qm0mss_4bmg8g3TaZfXvvXVpNr0uEsnVMuVZ-sdXX69jfe0Ot3damGcsKvTMpPIldAOAze_POL2y_r2GUDZGeJNALx_T29CY_XRmuywCL2fTFbc_39IBMRyFGZ6zuqEuKUAVAPEl9S1WUViZ6EnZz2bXpBzTON_n0ucjQ8fGfJa2oiuQfKhZhSJv_yHylvwhm4AbJf9UlpLq5rinKy0u627l36LADhl9EYn31Q0wFbzAMytcTtjR8a78d0lnwn1Px68mYPe9rv-yMTZ52UV75Vl-ktPi7q3AZPxKUQXO48yX14ua5we5IO9JmM38FQ2VjgKpFkAl7YMDGJatbrNZ3OfM6uOxnrR6b-UKa8pmaxriuafMBWXxUfTcyDBsE5kZ9kUz2CsUMBqsKOBAM80Gl_I2N5nUohJMXxiIe9h-jhHfZeuiY0HEtb0TSQ3y_xBRpVzAzGZKRIH85En-UlsgKdEk_5PZeqr5Dj1BLW5k5075ZiuM9hBYlt5d88lqSPPQbvOp7pQvi5P-rVSFKwAgJL4Bw27ZV24yYzHfYl2ssTy92aquk3WgWg&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
12352259b38d5eaf63b4034b93dd0d435c5fe528ab1f56d49102488c340f3d50

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=oO-ihj83gDhtE8PoEnANHqrkdyGYarBgaUJ5ejqCQJWGVipFAQDf08xzYU84zwb1CJDT09XjYtbb2Rl_kqHKL4NFXdxPmmc75CVPxwVH8Gk_A_qm0mss_4bmg8g3TaZfXvvXVpNr0uEsnVMuVZ-sdXX69jfe0Ot3damGcsKvTMpPIldAOAze_POL2y_r2GUDZGeJNALx_T29CY_XRmuywCL2fTFbc_39IBMRyFGZ6zuqEuKUAVAPEl9S1WUViZ6EnZz2bXpBzTON_n0ucjQ8fGfJa2oiuQfKhZhSJv_yHylvwhm4AbJf9UlpLq5rinKy0u627l36LADhl9EYn31Q0wFbzAMytcTtjR8a78d0lnwn1Px68mYPe9rv-yMTZ52UV75Vl-ktPi7q3AZPxKUQXO48yX14ua5we5IO9JmM38FQ2VjgKpFkAl7YMDGJatbrNZ3OfM6uOxnrR6b-UKa8pmaxriuafMBWXxUfTcyDBsE5kZ9kUz2CsUMBqsKOBAM80Gl_I2N5nUohJMXxiIe9h-jhHfZeuiY0HEtb0TSQ3y_xBRpVzAzGZKRIH85En-UlsgKdEk_5PZeqr5Dj1BLW5k5075ZiuM9hBYlt5d88lqSPPQbvOp7pQvi5P-rVSFKwAgJL4Bw27ZV24yYzHfYl2ssTy92aquk3WgWg&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA2; OXPCLK=AAHg4AAAAAAAAAA2; ppucnt=54
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA3; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA3; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=55; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=oO-ihj83gDhtE8PoEnANHqrkdyGYarBgaUJ5ejqCQJWGVipFAQDf08xzYU84zwb1CJDT09XjYtbb2Rl_kqHKL4NFXdxPmmc75CVPxwVH8Gk_A_qm0mss_4bmg8g3TaZfXvvXVpNr0uEsnVMuVZ-sdXX69jfe0Ot3damGcsKvTMpPIldAOAze_POL2y_r2GUDZGeJNALx_T29CY_XRmuywCL2fTFbc_39IBMRyFGZ6zuqEuKUAVAPEl9S1WUViZ6EnZz2bXpBzTON_n0ucjQ8fGfJa2oiuQfKhZhSJv_yHylvwhm4AbJf9UlpLq5rinKy0u627l36LADhl9EYn31Q0wFbzAMytcTtjR8a78d0lnwn1Px68mYPe9rv-yMTZ52UV75Vl-ktPi7q3AZPxKUQXO48yX14ua5we5IO9JmM38FQ2VjgKpFkAl7YMDGJatbrNZ3OfM6uOxnrR6b-UKa8pmaxriuafMBWXxUfTcyDBsE5kZ9kUz2CsUMBqsKOBAM80Gl_I2N5nUohJMXxiIe9h-jhHfZeuiY0HEtb0TSQ3y_xBRpVzAzGZKRIH85En-UlsgKdEk_5PZeqr5Dj1BLW5k5075ZiuM9hBYlt5d88lqSPPQbvOp7pQvi5P-rVSFKwAgJL4Bw27ZV24yYzHfYl2ssTy92aquk3WgWg&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595716fe1369d416a8311b6589d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
308c3bb07149063407a86d4458bb469a6c1861d06f4756633981b677b3624c06

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA3; OXPCLK=AAHg4AAAAAAAAAA3; ppucnt=55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA3; OXPCLK=AAHg4AAAAAAAAAA3; ppucnt=55
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=PoIxXItVYDVysa7M6j3Txi-9m0U81AlyaIc_0qghSY2lto-gLaSAqm5ZIICYo5arXQ5Rsffxi_UUxUD_C_gmMMsOb04NbVu_p4EdT7CRQmDo8v6Nn7B8-tWQkzbkOVA2pixEpQVsPUkXwv80hMvcI3R0R6W93V-0AQReifpYGpS2SEJMJIDQnJxPIjXogoExQhXS1YmEUPg292tjNDKVVJ6914Ji6Q2-kBy-Ff155lAFjhVeaw9J2isDF9QqMtxwwiuVA5IFQuhHuEyaxOqeTCPw_czOqgKSbTioxut94YT3XtN2LyM6yWdU5EB1409EDLxxBODsX5SMKlzTObbmFsvnR-P9Y3xh06T-H-co1yy8v1ehNx2bIr3rMbX-MmQ6kLNVLAdWdwZeMdvHq9ruLF0Vn7plPnjI8Ot_XihPz8HQXFSPQBE2vcJ-pz243bAtd3An2Yhjwy1Qf5NXZjfApTz4Yifn0-0K5ssmHFCqHNJzMEnRo3Z6QJWsrO4jDgMNUMeMxnntq_6Ngv2c7bfj4O8Gm-kCOdyWSIwIrym9B8mBQEKCOkCCwVHtAkJr7l8siWzLfW2aRk3SZLomqKGP9oyTBdw46JgI8hcbAdu4fzH5BG92hvyHYqb5uElL20cHEUan69mWpGPuWL99BK16gkB2tE26GxwfMRD8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ca18e068a495a9762047f989c20d7b8a82adeb3ae6a9d6dd3750f1421d449ada

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=PoIxXItVYDVysa7M6j3Txi-9m0U81AlyaIc_0qghSY2lto-gLaSAqm5ZIICYo5arXQ5Rsffxi_UUxUD_C_gmMMsOb04NbVu_p4EdT7CRQmDo8v6Nn7B8-tWQkzbkOVA2pixEpQVsPUkXwv80hMvcI3R0R6W93V-0AQReifpYGpS2SEJMJIDQnJxPIjXogoExQhXS1YmEUPg292tjNDKVVJ6914Ji6Q2-kBy-Ff155lAFjhVeaw9J2isDF9QqMtxwwiuVA5IFQuhHuEyaxOqeTCPw_czOqgKSbTioxut94YT3XtN2LyM6yWdU5EB1409EDLxxBODsX5SMKlzTObbmFsvnR-P9Y3xh06T-H-co1yy8v1ehNx2bIr3rMbX-MmQ6kLNVLAdWdwZeMdvHq9ruLF0Vn7plPnjI8Ot_XihPz8HQXFSPQBE2vcJ-pz243bAtd3An2Yhjwy1Qf5NXZjfApTz4Yifn0-0K5ssmHFCqHNJzMEnRo3Z6QJWsrO4jDgMNUMeMxnntq_6Ngv2c7bfj4O8Gm-kCOdyWSIwIrym9B8mBQEKCOkCCwVHtAkJr7l8siWzLfW2aRk3SZLomqKGP9oyTBdw46JgI8hcbAdu4fzH5BG92hvyHYqb5uElL20cHEUan69mWpGPuWL99BK16gkB2tE26GxwfMRD8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA3; OXPCLK=AAHg4AAAAAAAAAA3; ppucnt=55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA4; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA4; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=56; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=PoIxXItVYDVysa7M6j3Txi-9m0U81AlyaIc_0qghSY2lto-gLaSAqm5ZIICYo5arXQ5Rsffxi_UUxUD_C_gmMMsOb04NbVu_p4EdT7CRQmDo8v6Nn7B8-tWQkzbkOVA2pixEpQVsPUkXwv80hMvcI3R0R6W93V-0AQReifpYGpS2SEJMJIDQnJxPIjXogoExQhXS1YmEUPg292tjNDKVVJ6914Ji6Q2-kBy-Ff155lAFjhVeaw9J2isDF9QqMtxwwiuVA5IFQuhHuEyaxOqeTCPw_czOqgKSbTioxut94YT3XtN2LyM6yWdU5EB1409EDLxxBODsX5SMKlzTObbmFsvnR-P9Y3xh06T-H-co1yy8v1ehNx2bIr3rMbX-MmQ6kLNVLAdWdwZeMdvHq9ruLF0Vn7plPnjI8Ot_XihPz8HQXFSPQBE2vcJ-pz243bAtd3An2Yhjwy1Qf5NXZjfApTz4Yifn0-0K5ssmHFCqHNJzMEnRo3Z6QJWsrO4jDgMNUMeMxnntq_6Ngv2c7bfj4O8Gm-kCOdyWSIwIrym9B8mBQEKCOkCCwVHtAkJr7l8siWzLfW2aRk3SZLomqKGP9oyTBdw46JgI8hcbAdu4fzH5BG92hvyHYqb5uElL20cHEUan69mWpGPuWL99BK16gkB2tE26GxwfMRD8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051e460a9817fc4267afaaeb112d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
654d68d69bc647fe9c4426e1b4b4c787d1925045106026de0f1f5fd1920ca0c7

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA4; OXPCLK=AAHg4AAAAAAAAAA4; ppucnt=56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA4; OXPCLK=AAHg4AAAAAAAAAA4; ppucnt=56
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=DIhAKSdcxICJNK6pWf3p-M-TuqOlAfMBcW_y16JmnEummK6ftiGRt09IDLQ_E-VOmRFhNPxnyMmzx2a73dEtVZvNYCk-DkY1hdoDTWpRUDo-KlkbzDB7bWZF96iAdwbCoDultScrtmiuRVGyRXx_hjIS1n_b7uKsF1r5gcuo10GNEsmPXj5srBJNkto_lMjxXY13L4GgzCRvj5LKzUviU-420N64L8oMgeiV8UCRfvGsTZoZgnqDcnXPY2qiU2q90MuVGrhr3M33wtC4ORMpoNNnwQVksQC133Hf7LYCcplpCKH-PovzwxDCm7879i1Ga_3GP9cgy2ae1vbakiePpusW-M2bzic05JgK2QA_ny1z78XVgEpeiOEAyCJR4xXkFHhnYOt-4UShpw9pJ4YKSAFwGYHSbjexK46-T9Myir3gPWMq0S1WbH4OZSZitsUhLygkqhiYDd8fH7sziCLjC55IFYKKf5lN2rIdzaNqgXlDAlo2Zfq0qSid8VyzcWtBsXiL2nxohRwYo5INELpJoZkKI-RjKiG5aB3qgwVZTzKLOkqr82ITrckcrO2LfOCYmZQNONoBGP53WUTi8Gxv_fnnzhRJtUM5kI17eUqW9-BmjzuJ1zB_SUWLGN9mja_oRON-X2iGn4uejvA7FrwmWtpxKyJT9LdKCbl5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a7cef0da5d825fe03e796c777d9cf6e3cd9c31edf6ac0dd766043c9b6ca82eb7

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=DIhAKSdcxICJNK6pWf3p-M-TuqOlAfMBcW_y16JmnEummK6ftiGRt09IDLQ_E-VOmRFhNPxnyMmzx2a73dEtVZvNYCk-DkY1hdoDTWpRUDo-KlkbzDB7bWZF96iAdwbCoDultScrtmiuRVGyRXx_hjIS1n_b7uKsF1r5gcuo10GNEsmPXj5srBJNkto_lMjxXY13L4GgzCRvj5LKzUviU-420N64L8oMgeiV8UCRfvGsTZoZgnqDcnXPY2qiU2q90MuVGrhr3M33wtC4ORMpoNNnwQVksQC133Hf7LYCcplpCKH-PovzwxDCm7879i1Ga_3GP9cgy2ae1vbakiePpusW-M2bzic05JgK2QA_ny1z78XVgEpeiOEAyCJR4xXkFHhnYOt-4UShpw9pJ4YKSAFwGYHSbjexK46-T9Myir3gPWMq0S1WbH4OZSZitsUhLygkqhiYDd8fH7sziCLjC55IFYKKf5lN2rIdzaNqgXlDAlo2Zfq0qSid8VyzcWtBsXiL2nxohRwYo5INELpJoZkKI-RjKiG5aB3qgwVZTzKLOkqr82ITrckcrO2LfOCYmZQNONoBGP53WUTi8Gxv_fnnzhRJtUM5kI17eUqW9-BmjzuJ1zB_SUWLGN9mja_oRON-X2iGn4uejvA7FrwmWtpxKyJT9LdKCbl5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA4; OXPCLK=AAHg4AAAAAAAAAA4; ppucnt=56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA5; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA5; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=57; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=DIhAKSdcxICJNK6pWf3p-M-TuqOlAfMBcW_y16JmnEummK6ftiGRt09IDLQ_E-VOmRFhNPxnyMmzx2a73dEtVZvNYCk-DkY1hdoDTWpRUDo-KlkbzDB7bWZF96iAdwbCoDultScrtmiuRVGyRXx_hjIS1n_b7uKsF1r5gcuo10GNEsmPXj5srBJNkto_lMjxXY13L4GgzCRvj5LKzUviU-420N64L8oMgeiV8UCRfvGsTZoZgnqDcnXPY2qiU2q90MuVGrhr3M33wtC4ORMpoNNnwQVksQC133Hf7LYCcplpCKH-PovzwxDCm7879i1Ga_3GP9cgy2ae1vbakiePpusW-M2bzic05JgK2QA_ny1z78XVgEpeiOEAyCJR4xXkFHhnYOt-4UShpw9pJ4YKSAFwGYHSbjexK46-T9Myir3gPWMq0S1WbH4OZSZitsUhLygkqhiYDd8fH7sziCLjC55IFYKKf5lN2rIdzaNqgXlDAlo2Zfq0qSid8VyzcWtBsXiL2nxohRwYo5INELpJoZkKI-RjKiG5aB3qgwVZTzKLOkqr82ITrckcrO2LfOCYmZQNONoBGP53WUTi8Gxv_fnnzhRJtUM5kI17eUqW9-BmjzuJ1zB_SUWLGN9mja_oRON-X2iGn4uejvA7FrwmWtpxKyJT9LdKCbl5&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c7a9dad8b944cfbbe082ecef1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e9a48ac907e9268a62d7d16c3d301d33663a066d09a9e8ab43075462f2cd2367

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA5; OXPCLK=AAHg4AAAAAAAAAA5; ppucnt=57

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA5; OXPCLK=AAHg4AAAAAAAAAA5; ppucnt=57
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=RfXMFpa7MLoSIhoct5wELruEHHQ8b3HiOF488X5Zb1k1JaGgxMHGUDd-gPaZbd_ghp-OdMdlSVLuiwCnujx1Ot6ka2NLk1KrcWscoXRKjPfACM2wq1GgCEA4gFhH8UGqJ1FFTMBubg-71kWUnh8UC6pf586cbXgNTEXDK7YKPIp5dYfSZQ1J_0aTi8D7rCRIlmBtoNm3KFfGzZJQAz-BF_rri1IvCEhpN-Jd01Usy24EwM5lcV8Nk_bBBR_rNzhydH7E55rZP1ziRdkrEUK5QipHTC4XVz775G4pgol7EbrEd-QpL2jvFcdLgDjczzq7d_VCSktcaxKZj3wVojA3MWggdA6Ga24-cz4vqInF6rl0K6QEVUkVd4KfCmQ_am3M9LERqLehF4HOrJurrpEUuL9_LmZOEtGUCvMXrG9Zy_mXiPwObJsSul9mwMJWdvZQI5iu1eBP04Ly4J1pSYygLGw3yDyqsguRXFv-JLcEaSMFQ33ZE9zAR5l_0hDn8_XyNuWg6dJ0HwGIvCg-2dd8m4kL95E6OfzQip-cHFb0607vbtUch1iP3HjoLiz49QMd18euzhxYY7WHjua7eRJcUQKRdCJlQVT52C6M-ZLwhTUp05izUuzcEZXwNOLvFPwn3o_SNfmXRIuHYWTRJXc4DEbYh0b7ykyKbvW-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
27fa0804446c5a1282c5e12ecfb93a20c92fd26f17b66e1eb524e5723f369dc6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=RfXMFpa7MLoSIhoct5wELruEHHQ8b3HiOF488X5Zb1k1JaGgxMHGUDd-gPaZbd_ghp-OdMdlSVLuiwCnujx1Ot6ka2NLk1KrcWscoXRKjPfACM2wq1GgCEA4gFhH8UGqJ1FFTMBubg-71kWUnh8UC6pf586cbXgNTEXDK7YKPIp5dYfSZQ1J_0aTi8D7rCRIlmBtoNm3KFfGzZJQAz-BF_rri1IvCEhpN-Jd01Usy24EwM5lcV8Nk_bBBR_rNzhydH7E55rZP1ziRdkrEUK5QipHTC4XVz775G4pgol7EbrEd-QpL2jvFcdLgDjczzq7d_VCSktcaxKZj3wVojA3MWggdA6Ga24-cz4vqInF6rl0K6QEVUkVd4KfCmQ_am3M9LERqLehF4HOrJurrpEUuL9_LmZOEtGUCvMXrG9Zy_mXiPwObJsSul9mwMJWdvZQI5iu1eBP04Ly4J1pSYygLGw3yDyqsguRXFv-JLcEaSMFQ33ZE9zAR5l_0hDn8_XyNuWg6dJ0HwGIvCg-2dd8m4kL95E6OfzQip-cHFb0607vbtUch1iP3HjoLiz49QMd18euzhxYY7WHjua7eRJcUQKRdCJlQVT52C6M-ZLwhTUp05izUuzcEZXwNOLvFPwn3o_SNfmXRIuHYWTRJXc4DEbYh0b7ykyKbvW-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA5; OXPCLK=AAHg4AAAAAAAAAA5; ppucnt=57

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA6; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA6; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=58; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=RfXMFpa7MLoSIhoct5wELruEHHQ8b3HiOF488X5Zb1k1JaGgxMHGUDd-gPaZbd_ghp-OdMdlSVLuiwCnujx1Ot6ka2NLk1KrcWscoXRKjPfACM2wq1GgCEA4gFhH8UGqJ1FFTMBubg-71kWUnh8UC6pf586cbXgNTEXDK7YKPIp5dYfSZQ1J_0aTi8D7rCRIlmBtoNm3KFfGzZJQAz-BF_rri1IvCEhpN-Jd01Usy24EwM5lcV8Nk_bBBR_rNzhydH7E55rZP1ziRdkrEUK5QipHTC4XVz775G4pgol7EbrEd-QpL2jvFcdLgDjczzq7d_VCSktcaxKZj3wVojA3MWggdA6Ga24-cz4vqInF6rl0K6QEVUkVd4KfCmQ_am3M9LERqLehF4HOrJurrpEUuL9_LmZOEtGUCvMXrG9Zy_mXiPwObJsSul9mwMJWdvZQI5iu1eBP04Ly4J1pSYygLGw3yDyqsguRXFv-JLcEaSMFQ33ZE9zAR5l_0hDn8_XyNuWg6dJ0HwGIvCg-2dd8m4kL95E6OfzQip-cHFb0607vbtUch1iP3HjoLiz49QMd18euzhxYY7WHjua7eRJcUQKRdCJlQVT52C6M-ZLwhTUp05izUuzcEZXwNOLvFPwn3o_SNfmXRIuHYWTRJXc4DEbYh0b7ykyKbvW-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e306e9cfe6f149999d3570280a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c7409da7e49ad451009850755a62a3a63f8d6642c51569915f71ef35dc4ec6b6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA6; OXPCLK=AAHg4AAAAAAAAAA6; ppucnt=58
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA6; OXPCLK=AAHg4AAAAAAAAAA6; ppucnt=58
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=eV8Ug3wvfA2-niqJ0589rc57KbbFC4UpcdNrBNaJwuyPHcwjs8vYvJ2Fbg_gyyDhWDk_2YSuLS-InR4P9fO0JCdqb7Kt2rSLHg7S1SsqavuJztJU3Ebgp55iw6LKYB3r3qg6lO4pnJi4wosPTre4NYinL-2FwZ6yogGByTyJOMt7CbtR0m8lMQwchWDkFpXAlUplbHZPmr4wnMWJilposZgu1UmgJAEg8TZCrl8ijrnSnehbjakGeU7U059M5HoEhaBwB94I4bLopci_9s9zrhNrJvA47FY2jAWP5vDCPAaA47_tI6alQuqmRS28rbY12OziQrAqEo67bubkP1ecZzB9YZ2bZBBw4NjJoAYWj0lj7hvO3_oBGp2fjZnMZSoGB3ZTlRReULphcFkX4xDj1dfFcql07MrOQT6Xv0MT_vH5est5arAe2vcHjxTOo2upMkCXtez1c9F_Jo01a9QWQOHXbiYR7lcnEOu745ULIX-h7M4NYelC7BBsnjOef8nikxgHh1wS9zogJzv8-2wd92sKez1XlO2oGGXkrXUbhAvOW6JsiQ3qT5UoPKZ8QTSulaYgA2uhB6Fbh-oGP_tP-WkE8J4zVfsNCFp1Ii-UwbKhT2aDAJMmBxtUOCdojPts_PRqPO1570VFaEq-hntaYXMZmvK5g70FbFa3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
90bf2028b58a404292c35b401a763857d3f265fc2e465b5397652a8070afa565

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=eV8Ug3wvfA2-niqJ0589rc57KbbFC4UpcdNrBNaJwuyPHcwjs8vYvJ2Fbg_gyyDhWDk_2YSuLS-InR4P9fO0JCdqb7Kt2rSLHg7S1SsqavuJztJU3Ebgp55iw6LKYB3r3qg6lO4pnJi4wosPTre4NYinL-2FwZ6yogGByTyJOMt7CbtR0m8lMQwchWDkFpXAlUplbHZPmr4wnMWJilposZgu1UmgJAEg8TZCrl8ijrnSnehbjakGeU7U059M5HoEhaBwB94I4bLopci_9s9zrhNrJvA47FY2jAWP5vDCPAaA47_tI6alQuqmRS28rbY12OziQrAqEo67bubkP1ecZzB9YZ2bZBBw4NjJoAYWj0lj7hvO3_oBGp2fjZnMZSoGB3ZTlRReULphcFkX4xDj1dfFcql07MrOQT6Xv0MT_vH5est5arAe2vcHjxTOo2upMkCXtez1c9F_Jo01a9QWQOHXbiYR7lcnEOu745ULIX-h7M4NYelC7BBsnjOef8nikxgHh1wS9zogJzv8-2wd92sKez1XlO2oGGXkrXUbhAvOW6JsiQ3qT5UoPKZ8QTSulaYgA2uhB6Fbh-oGP_tP-WkE8J4zVfsNCFp1Ii-UwbKhT2aDAJMmBxtUOCdojPts_PRqPO1570VFaEq-hntaYXMZmvK5g70FbFa3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA6; OXPCLK=AAHg4AAAAAAAAAA6; ppucnt=58
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA7; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA7; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
ppucnt=59; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:41 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=eV8Ug3wvfA2-niqJ0589rc57KbbFC4UpcdNrBNaJwuyPHcwjs8vYvJ2Fbg_gyyDhWDk_2YSuLS-InR4P9fO0JCdqb7Kt2rSLHg7S1SsqavuJztJU3Ebgp55iw6LKYB3r3qg6lO4pnJi4wosPTre4NYinL-2FwZ6yogGByTyJOMt7CbtR0m8lMQwchWDkFpXAlUplbHZPmr4wnMWJilposZgu1UmgJAEg8TZCrl8ijrnSnehbjakGeU7U059M5HoEhaBwB94I4bLopci_9s9zrhNrJvA47FY2jAWP5vDCPAaA47_tI6alQuqmRS28rbY12OziQrAqEo67bubkP1ecZzB9YZ2bZBBw4NjJoAYWj0lj7hvO3_oBGp2fjZnMZSoGB3ZTlRReULphcFkX4xDj1dfFcql07MrOQT6Xv0MT_vH5est5arAe2vcHjxTOo2upMkCXtez1c9F_Jo01a9QWQOHXbiYR7lcnEOu745ULIX-h7M4NYelC7BBsnjOef8nikxgHh1wS9zogJzv8-2wd92sKez1XlO2oGGXkrXUbhAvOW6JsiQ3qT5UoPKZ8QTSulaYgA2uhB6Fbh-oGP_tP-WkE8J4zVfsNCFp1Ii-UwbKhT2aDAJMmBxtUOCdojPts_PRqPO1570VFaEq-hntaYXMZmvK5g70FbFa3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:41 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054d90476e217e48b28e11d4e75d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:41 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:41 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
79a6895bcc25700083c36bdd644e86e0b6254152be3a3681e9e9c0fab8214614

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA7; OXPCLK=AAHg4AAAAAAAAAA7; ppucnt=59
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA7; OXPCLK=AAHg4AAAAAAAAAA7; ppucnt=59
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=H3HSgntP0y0nkfKgDHZ5rs0XL8Kxp79EnzNs081NISCiaRcb9gBF6N7DrvGJaKX-st6mj5d0gf65TyURrYhqBuauEtQO4HYovXiHMiDtcOvq9qdWSY4FG92E4_4AJx3qaLJO3Pb1iUf9UznZ3K8nyzD42bWW85v_XPgAqvzsQAFIvN1ywm6oAiqq1cdspH9VdKz061Ty1Jlih25Nw3_2WV-wIki6dDLHuQeO6TkyXrbrjMTtRik7_rCodOtBKQGUaxdsE4XfaQAaD0UfD1gXuGsben1VK9xZP9VnPl_TgSk7LEgA6GoplUxSUaRKWpkTNRFvtntYefolf6seSOOzJv8TrwyNZPgeVSYlh4iCkx2rz07D9ho3ak_vMOViu7qexwwAJNPaOqkpZca3lerGwMuHeh4uF1rWPyFqiNGbdCeuRGg4H9f720TzeJDlfIiayKZOZqIre-kiZEBt1H8pkTTEujSwBn11VNpPp_OPUurYyR-5iNsgels1thKN5jmfu0XbtokJ2QxJ9uxaZTOknAMjR1yCp3-v5-pS-vKbMQHEj0FvO5FgYoRYPZLzwo9tmSEBczaB6uaSdLnodxYVXB2xrlhBKZRXkKAsTuDFkNRhCV8-bQsqlN1vMxECnud1La7z-_hak1fD8a1brjML-3wTDS3B5S5mkDsc&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1819605035a60da2c2221d397a415c1f44a646cb7b2e1461240768a35f2df69c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=H3HSgntP0y0nkfKgDHZ5rs0XL8Kxp79EnzNs081NISCiaRcb9gBF6N7DrvGJaKX-st6mj5d0gf65TyURrYhqBuauEtQO4HYovXiHMiDtcOvq9qdWSY4FG92E4_4AJx3qaLJO3Pb1iUf9UznZ3K8nyzD42bWW85v_XPgAqvzsQAFIvN1ywm6oAiqq1cdspH9VdKz061Ty1Jlih25Nw3_2WV-wIki6dDLHuQeO6TkyXrbrjMTtRik7_rCodOtBKQGUaxdsE4XfaQAaD0UfD1gXuGsben1VK9xZP9VnPl_TgSk7LEgA6GoplUxSUaRKWpkTNRFvtntYefolf6seSOOzJv8TrwyNZPgeVSYlh4iCkx2rz07D9ho3ak_vMOViu7qexwwAJNPaOqkpZca3lerGwMuHeh4uF1rWPyFqiNGbdCeuRGg4H9f720TzeJDlfIiayKZOZqIre-kiZEBt1H8pkTTEujSwBn11VNpPp_OPUurYyR-5iNsgels1thKN5jmfu0XbtokJ2QxJ9uxaZTOknAMjR1yCp3-v5-pS-vKbMQHEj0FvO5FgYoRYPZLzwo9tmSEBczaB6uaSdLnodxYVXB2xrlhBKZRXkKAsTuDFkNRhCV8-bQsqlN1vMxECnud1La7z-_hak1fD8a1brjML-3wTDS3B5S5mkDsc&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA7; OXPCLK=AAHg4AAAAAAAAAA7; ppucnt=59
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA8; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA8; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=60; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=eecce2e9221dfdc3c2dd75a5e46d7f831631480741&psp=H3HSgntP0y0nkfKgDHZ5rs0XL8Kxp79EnzNs081NISCiaRcb9gBF6N7DrvGJaKX-st6mj5d0gf65TyURrYhqBuauEtQO4HYovXiHMiDtcOvq9qdWSY4FG92E4_4AJx3qaLJO3Pb1iUf9UznZ3K8nyzD42bWW85v_XPgAqvzsQAFIvN1ywm6oAiqq1cdspH9VdKz061Ty1Jlih25Nw3_2WV-wIki6dDLHuQeO6TkyXrbrjMTtRik7_rCodOtBKQGUaxdsE4XfaQAaD0UfD1gXuGsben1VK9xZP9VnPl_TgSk7LEgA6GoplUxSUaRKWpkTNRFvtntYefolf6seSOOzJv8TrwyNZPgeVSYlh4iCkx2rz07D9ho3ak_vMOViu7qexwwAJNPaOqkpZca3lerGwMuHeh4uF1rWPyFqiNGbdCeuRGg4H9f720TzeJDlfIiayKZOZqIre-kiZEBt1H8pkTTEujSwBn11VNpPp_OPUurYyR-5iNsgels1thKN5jmfu0XbtokJ2QxJ9uxaZTOknAMjR1yCp3-v5-pS-vKbMQHEj0FvO5FgYoRYPZLzwo9tmSEBczaB6uaSdLnodxYVXB2xrlhBKZRXkKAsTuDFkNRhCV8-bQsqlN1vMxECnud1La7z-_hak1fD8a1brjML-3wTDS3B5S5mkDsc&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bc6c341b6aa4409a8330083b32&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1f6d475a5a1a396d9396cfe853fac94ad1263fb52c91c29f500722e3c6f9b5da

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA8; OXPCLK=AAHg4AAAAAAAAAA8; ppucnt=60
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA8; OXPCLK=AAHg4AAAAAAAAAA8; ppucnt=60
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=mU-0Jhpi7rPh5lm4rkLpOR-g-wwF8EYNNrWHYK8O35lvy_q-jWBRJiXtFgI4ZbLlLfZfkd8AJ8ks2cKI2CATqmyOarkOaQp74x8r_E7epWE9lCN6-1x25BdHUeuHHG2GzVPIF4j_VuCk1cEUgtu01n36j6FDj-46xsetcjd0zvNoET7ubvOGYk-UuBx6I0YS-PcxYflYYGQ5WhPYfLUQXSwjsxCRtDJSH9yDHiJeoMr0QF0KztYgTHzAhk6Q7NelPuEbnxImVhsqU9yzMt0DsmHhOp7om_gsxRd8bj8hP_mdtGxhEy8G8M0aHRB7ckJuw8p4WEpiD4nCyC8C3Cf32kc90UcWOXzCtHq5Y10sGT3JzlCwI_RjyBmfFLnuiBjBKU08Hlnd3Knehcfbqa6teWym3r0aioJMUkHxB6j5ZBmauXs-iQm97s7IzWMo2rUVBwHfeXOFoP6z34MvTo3M05o38Qq2Szzd8CKybQvBHCTQwsCsYGiemj02pqvz2IapBhFvtQT-63T5Y0caSuJDIoFG2YpQL6L7jPX9mfx8nR5k3w0EgMa7HgPfuI87NiA7XxGRcBNDbkcr1BGDKBzT5D_VtrLuUEs4FLYKrS1EJ-k3GueoIVBDic_138URZ7pUnAanfBcbSaMFkYuvc6mnpyLmLQlLDOAsEt-n&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e8ba1c33ba96e9fd98e08fbdb14aa309d63cd6a53c6d742cca40671c480c8f1d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=mU-0Jhpi7rPh5lm4rkLpOR-g-wwF8EYNNrWHYK8O35lvy_q-jWBRJiXtFgI4ZbLlLfZfkd8AJ8ks2cKI2CATqmyOarkOaQp74x8r_E7epWE9lCN6-1x25BdHUeuHHG2GzVPIF4j_VuCk1cEUgtu01n36j6FDj-46xsetcjd0zvNoET7ubvOGYk-UuBx6I0YS-PcxYflYYGQ5WhPYfLUQXSwjsxCRtDJSH9yDHiJeoMr0QF0KztYgTHzAhk6Q7NelPuEbnxImVhsqU9yzMt0DsmHhOp7om_gsxRd8bj8hP_mdtGxhEy8G8M0aHRB7ckJuw8p4WEpiD4nCyC8C3Cf32kc90UcWOXzCtHq5Y10sGT3JzlCwI_RjyBmfFLnuiBjBKU08Hlnd3Knehcfbqa6teWym3r0aioJMUkHxB6j5ZBmauXs-iQm97s7IzWMo2rUVBwHfeXOFoP6z34MvTo3M05o38Qq2Szzd8CKybQvBHCTQwsCsYGiemj02pqvz2IapBhFvtQT-63T5Y0caSuJDIoFG2YpQL6L7jPX9mfx8nR5k3w0EgMa7HgPfuI87NiA7XxGRcBNDbkcr1BGDKBzT5D_VtrLuUEs4FLYKrS1EJ-k3GueoIVBDic_138URZ7pUnAanfBcbSaMFkYuvc6mnpyLmLQlLDOAsEt-n&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA8; OXPCLK=AAHg4AAAAAAAAAA8; ppucnt=60
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA9; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA9; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=61; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=mU-0Jhpi7rPh5lm4rkLpOR-g-wwF8EYNNrWHYK8O35lvy_q-jWBRJiXtFgI4ZbLlLfZfkd8AJ8ks2cKI2CATqmyOarkOaQp74x8r_E7epWE9lCN6-1x25BdHUeuHHG2GzVPIF4j_VuCk1cEUgtu01n36j6FDj-46xsetcjd0zvNoET7ubvOGYk-UuBx6I0YS-PcxYflYYGQ5WhPYfLUQXSwjsxCRtDJSH9yDHiJeoMr0QF0KztYgTHzAhk6Q7NelPuEbnxImVhsqU9yzMt0DsmHhOp7om_gsxRd8bj8hP_mdtGxhEy8G8M0aHRB7ckJuw8p4WEpiD4nCyC8C3Cf32kc90UcWOXzCtHq5Y10sGT3JzlCwI_RjyBmfFLnuiBjBKU08Hlnd3Knehcfbqa6teWym3r0aioJMUkHxB6j5ZBmauXs-iQm97s7IzWMo2rUVBwHfeXOFoP6z34MvTo3M05o38Qq2Szzd8CKybQvBHCTQwsCsYGiemj02pqvz2IapBhFvtQT-63T5Y0caSuJDIoFG2YpQL6L7jPX9mfx8nR5k3w0EgMa7HgPfuI87NiA7XxGRcBNDbkcr1BGDKBzT5D_VtrLuUEs4FLYKrS1EJ-k3GueoIVBDic_138URZ7pUnAanfBcbSaMFkYuvc6mnpyLmLQlLDOAsEt-n&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2c3efcf4d2c4cde883d5f6f67&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e816b37ca6a7cfe2682c340d52cb92e0b780f25195907849a8787a1cbcf8fd49

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA9; OXPCLK=AAHg4AAAAAAAAAA9; ppucnt=61
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA9; OXPCLK=AAHg4AAAAAAAAAA9; ppucnt=61
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
1000 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=ESHcOV5892-Lk0WvyG7lxkMkmyRGOpVFjKaBjhDVj39LDkoI27En9z2pltQ11Svv5IqwVdKKfGlrKF_L_BzefDzuEzfzd04MOxMeTOvkedbQB-Jup1dAXD_N_yfZjeo0vHSiOfQLHwT24dVdGp6xLn6_7fDkwYuDKglYhG9nHgtbTAsw4tzU8J3QzJFFOkzd6EBCMdTM5NIrnDpXRAvYCUKjxVJ822zgpYnZPIFkXSZjOQzBEdVod0tsw1LtlSnYMDG5U552NWdsWgWo3g28Naq8LJMRoRuliPhPvBRkpIig2NPSyS9ycm1YU7srSByt4DdomVeZuc_DqwcjDD2HQHPaVxUjuedyq55aTUWfZ3WoiQqOq0RBV0waZU0rGvPJ74SC9YW7oFPofbGRcE_ouzsihSLf90RKTSwkMqC7DE1_FjFCu8b7zcUAyjOakf7RPOAQJURHvAy70TzOl_fGEdASFhXZiAxyscEYoJAqykPwyXqoBdKS2tGGTALlCjWIzWqsY-0qWIpF27hkOygjOBgP-UeudEntNYUnMYr2ZKmm_BkDOIEuuE0xYqFSI0fGhsW1yrauAVPuX3eS-vCg6CoX6ZdFGAgi6Azacki6rgnEjfgn-ke46QyqHhefnN77PvrFe2fzvDrIcVh9MP0WyjgCYQuYhy4CdVyU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b0d852e5517eb9319dc6cae45c66f6cf37954c8c8d82f6b36a13584221aaee88

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=ESHcOV5892-Lk0WvyG7lxkMkmyRGOpVFjKaBjhDVj39LDkoI27En9z2pltQ11Svv5IqwVdKKfGlrKF_L_BzefDzuEzfzd04MOxMeTOvkedbQB-Jup1dAXD_N_yfZjeo0vHSiOfQLHwT24dVdGp6xLn6_7fDkwYuDKglYhG9nHgtbTAsw4tzU8J3QzJFFOkzd6EBCMdTM5NIrnDpXRAvYCUKjxVJ822zgpYnZPIFkXSZjOQzBEdVod0tsw1LtlSnYMDG5U552NWdsWgWo3g28Naq8LJMRoRuliPhPvBRkpIig2NPSyS9ycm1YU7srSByt4DdomVeZuc_DqwcjDD2HQHPaVxUjuedyq55aTUWfZ3WoiQqOq0RBV0waZU0rGvPJ74SC9YW7oFPofbGRcE_ouzsihSLf90RKTSwkMqC7DE1_FjFCu8b7zcUAyjOakf7RPOAQJURHvAy70TzOl_fGEdASFhXZiAxyscEYoJAqykPwyXqoBdKS2tGGTALlCjWIzWqsY-0qWIpF27hkOygjOBgP-UeudEntNYUnMYr2ZKmm_BkDOIEuuE0xYqFSI0fGhsW1yrauAVPuX3eS-vCg6CoX6ZdFGAgi6Azacki6rgnEjfgn-ke46QyqHhefnN77PvrFe2fzvDrIcVh9MP0WyjgCYQuYhy4CdVyU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA9; OXPCLK=AAHg4AAAAAAAAAA9; ppucnt=61
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA%2B; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA%2B; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=62; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=ESHcOV5892-Lk0WvyG7lxkMkmyRGOpVFjKaBjhDVj39LDkoI27En9z2pltQ11Svv5IqwVdKKfGlrKF_L_BzefDzuEzfzd04MOxMeTOvkedbQB-Jup1dAXD_N_yfZjeo0vHSiOfQLHwT24dVdGp6xLn6_7fDkwYuDKglYhG9nHgtbTAsw4tzU8J3QzJFFOkzd6EBCMdTM5NIrnDpXRAvYCUKjxVJ822zgpYnZPIFkXSZjOQzBEdVod0tsw1LtlSnYMDG5U552NWdsWgWo3g28Naq8LJMRoRuliPhPvBRkpIig2NPSyS9ycm1YU7srSByt4DdomVeZuc_DqwcjDD2HQHPaVxUjuedyq55aTUWfZ3WoiQqOq0RBV0waZU0rGvPJ74SC9YW7oFPofbGRcE_ouzsihSLf90RKTSwkMqC7DE1_FjFCu8b7zcUAyjOakf7RPOAQJURHvAy70TzOl_fGEdASFhXZiAxyscEYoJAqykPwyXqoBdKS2tGGTALlCjWIzWqsY-0qWIpF27hkOygjOBgP-UeudEntNYUnMYr2ZKmm_BkDOIEuuE0xYqFSI0fGhsW1yrauAVPuX3eS-vCg6CoX6ZdFGAgi6Azacki6rgnEjfgn-ke46QyqHhefnN77PvrFe2fzvDrIcVh9MP0WyjgCYQuYhy4CdVyU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b30719d3a86441fb9d23e550b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
04b8e0b2b8732f243594ddb56ee8d01c82ea61b59c8d49a26ae003293c2c9650

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA%2B; OXPCLK=AAHg4AAAAAAAAAA%2B; ppucnt=62
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA%2B; OXPCLK=AAHg4AAAAAAAAAA%2B; ppucnt=62
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
1000 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=1wcpa0r-q-0EsQXun_j8A0TjX6pd3Gl3_LT4dbQoWCerVSqg77aaIn1AGRtuExfVn247clFwhCvHaNqsAW7k_-SY_hX_ftsTw9s0jQPBKGDo9Q_rQep6aNceTF11AIAymvTqYqzEOWso4ORaFwaE_HR_ypwz8E9zt5HEyff_9jFN8nto0VNlQutc-cJP3xAXNbbFj4lyiT50lu7zd2zBOzQZCcB6s0t6KlMT7UGEEILGGAUxojaXXfoHOu-HZPHFxB6pawpgQeT2EcWmeOKCrOQbS6PNLKamxC-4KJWV4rzOIxhr3-kDfMsF1B8s773YOzPqnN_J9Gv5X-QnOSSHJ5SACv-7qK7-I4Wqy_BqzcQ_8p1PxKBqTobssVSAN3ayhjaCbVdY7bDeX4j20qEjCvV4tNwKbinfB7Pg-M1VmhHa1eh5Oqz2dInzpp9XmI09-kRrDRCouhs1AEwHCYwKR2gW_H9yS4YcjIwKOTekSLipmPxip5ge8nWrZ9Yfbm-lAM-MFSI48xDOOcYMJIoMPi_7mmSfxd7SVL0Hq4UiSpw1UyYUoZxqVyfnzD30dz0PkCTHeiR847uQ3ZfGVQ1pf58IuxmClpJfp5YkrN_2tRN2pr1DZ3fSSCZCz8dmGSxxglksMd-90VM379_J-b13JgAsFvRbDwiPp2oZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=1wcpa0r-q-0EsQXun_j8A0TjX6pd3Gl3_LT4dbQoWCerVSqg77aaIn1AGRtuExfVn247clFwhCvHaNqsAW7k_-SY_hX_ftsTw9s0jQPBKGDo9Q_rQep6aNceTF11AIAymvTqYqzEOWso4ORaFwaE_HR_ypwz8E9zt5HEyff_9jFN8nto0VNlQutc-cJP3xAXNbbFj4lyiT50lu7zd2zBOzQZCcB6s0t6KlMT7UGEEILGGAUxojaXXfoHOu-HZPHFxB6pawpgQeT2EcWmeOKCrOQbS6PNLKamxC-4KJWV4rzOIxhr3-kDfMsF1B8s773YOzPqnN_J9Gv5X-QnOSSHJ5SACv-7qK7-I4Wqy_BqzcQ_8p1PxKBqTobssVSAN3ayhjaCbVdY7bDeX4j20qEjCvV4tNwKbinfB7Pg-M1VmhHa1eh5Oqz2dInzpp9XmI09-kRrDRCouhs1AEwHCYwKR2gW_H9yS4YcjIwKOTekSLipmPxip5ge8nWrZ9Yfbm-lAM-MFSI48xDOOcYMJIoMPi_7mmSfxd7SVL0Hq4UiSpw1UyYUoZxqVyfnzD30dz0PkCTHeiR847uQ3ZfGVQ1pf58IuxmClpJfp5YkrN_2tRN2pr1DZ3fSSCZCz8dmGSxxglksMd-90VM379_J-b13JgAsFvRbDwiPp2oZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA%2B; OXPCLK=AAHg4AAAAAAAAAA%2B; ppucnt=62
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAA%2F; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAA%2F; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=63; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=1wcpa0r-q-0EsQXun_j8A0TjX6pd3Gl3_LT4dbQoWCerVSqg77aaIn1AGRtuExfVn247clFwhCvHaNqsAW7k_-SY_hX_ftsTw9s0jQPBKGDo9Q_rQep6aNceTF11AIAymvTqYqzEOWso4ORaFwaE_HR_ypwz8E9zt5HEyff_9jFN8nto0VNlQutc-cJP3xAXNbbFj4lyiT50lu7zd2zBOzQZCcB6s0t6KlMT7UGEEILGGAUxojaXXfoHOu-HZPHFxB6pawpgQeT2EcWmeOKCrOQbS6PNLKamxC-4KJWV4rzOIxhr3-kDfMsF1B8s773YOzPqnN_J9Gv5X-QnOSSHJ5SACv-7qK7-I4Wqy_BqzcQ_8p1PxKBqTobssVSAN3ayhjaCbVdY7bDeX4j20qEjCvV4tNwKbinfB7Pg-M1VmhHa1eh5Oqz2dInzpp9XmI09-kRrDRCouhs1AEwHCYwKR2gW_H9yS4YcjIwKOTekSLipmPxip5ge8nWrZ9Yfbm-lAM-MFSI48xDOOcYMJIoMPi_7mmSfxd7SVL0Hq4UiSpw1UyYUoZxqVyfnzD30dz0PkCTHeiR847uQ3ZfGVQ1pf58IuxmClpJfp5YkrN_2tRN2pr1DZ3fSSCZCz8dmGSxxglksMd-90VM379_J-b13JgAsFvRbDwiPp2oZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053b5c11cc5af64c55ad32b93b0e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c5e663def8f48b0a06daffdaf96e7305ee74054ad62596716f3d5c8261b4b385

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA%2F; OXPCLK=AAHg4AAAAAAAAAA%2F; ppucnt=63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA%2F; OXPCLK=AAHg4AAAAAAAAAA%2F; ppucnt=63
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=xkvqffJeoNqca1ODZgbj0fDiq7R6EyOfmRLv1-KCxV6A7zLumjNxIMOBMRnuPs6pS1-BwhqlvDpaRGwHbASIB-_BKFDFL-ntqwSPQ2wlaKM3Vz0fcq_hwcldZ_tiKkzPJt5u1xATI-p2gRhq6EOjTUEzUr0KDM5dPhALOT13UzZ8pLzXNjR4vmr2_1NMat5OnjjR78VhRQCRQoFy70Wi70Mg55P-JH7Io-OfF8HL5_Dt78ThLXA85kQMPGJgTPXJOTN_zntbkkacup_OLtb754qeVmLfcFpJlOpMtqn7ABs_1rMDcRbiFLbB--n2JQ0zKWWkOAObOnBh7lMrKkw4_LJHWzVu2BJOZrhP8uzOrPvVPOYMKVZlhU2xu8-h0lXrDiBvwX4_qhQRN63KiPzqpnShH7XoDSx5WYrqpfrMRbPbpfRjCLV9AdjtWmXA01xQLBWmBA2sA5Pq9apYtdpkGQrRa0kfzHLmV9sFEUfByworA5GBffziiDxj8wVqN0SayfzLutv8l85JFGnxEGGP7-koukfKynmMMtK6zJiVEW6lcmsumbd22Hgay_HZsegTGwJcpQsJOa0Q1J8N7crVFF-6qQyVzXL16JjsHWEqj33qbvqOfPo4DtaWCRHdJrIUlnjAv8w_kxcNY_SF0n-HyRaPe_rzYCb_vF-1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a53dc13441050e9b4fe75bd24a3e20ab1791481c198d0233d77fe0c24a7734c7

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=xkvqffJeoNqca1ODZgbj0fDiq7R6EyOfmRLv1-KCxV6A7zLumjNxIMOBMRnuPs6pS1-BwhqlvDpaRGwHbASIB-_BKFDFL-ntqwSPQ2wlaKM3Vz0fcq_hwcldZ_tiKkzPJt5u1xATI-p2gRhq6EOjTUEzUr0KDM5dPhALOT13UzZ8pLzXNjR4vmr2_1NMat5OnjjR78VhRQCRQoFy70Wi70Mg55P-JH7Io-OfF8HL5_Dt78ThLXA85kQMPGJgTPXJOTN_zntbkkacup_OLtb754qeVmLfcFpJlOpMtqn7ABs_1rMDcRbiFLbB--n2JQ0zKWWkOAObOnBh7lMrKkw4_LJHWzVu2BJOZrhP8uzOrPvVPOYMKVZlhU2xu8-h0lXrDiBvwX4_qhQRN63KiPzqpnShH7XoDSx5WYrqpfrMRbPbpfRjCLV9AdjtWmXA01xQLBWmBA2sA5Pq9apYtdpkGQrRa0kfzHLmV9sFEUfByworA5GBffziiDxj8wVqN0SayfzLutv8l85JFGnxEGGP7-koukfKynmMMtK6zJiVEW6lcmsumbd22Hgay_HZsegTGwJcpQsJOa0Q1J8N7crVFF-6qQyVzXL16JjsHWEqj33qbvqOfPo4DtaWCRHdJrIUlnjAv8w_kxcNY_SF0n-HyRaPe_rzYCb_vF-1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAA%2F; OXPCLK=AAHg4AAAAAAAAAA%2F; ppucnt=63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABA; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABA; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=64; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=xkvqffJeoNqca1ODZgbj0fDiq7R6EyOfmRLv1-KCxV6A7zLumjNxIMOBMRnuPs6pS1-BwhqlvDpaRGwHbASIB-_BKFDFL-ntqwSPQ2wlaKM3Vz0fcq_hwcldZ_tiKkzPJt5u1xATI-p2gRhq6EOjTUEzUr0KDM5dPhALOT13UzZ8pLzXNjR4vmr2_1NMat5OnjjR78VhRQCRQoFy70Wi70Mg55P-JH7Io-OfF8HL5_Dt78ThLXA85kQMPGJgTPXJOTN_zntbkkacup_OLtb754qeVmLfcFpJlOpMtqn7ABs_1rMDcRbiFLbB--n2JQ0zKWWkOAObOnBh7lMrKkw4_LJHWzVu2BJOZrhP8uzOrPvVPOYMKVZlhU2xu8-h0lXrDiBvwX4_qhQRN63KiPzqpnShH7XoDSx5WYrqpfrMRbPbpfRjCLV9AdjtWmXA01xQLBWmBA2sA5Pq9apYtdpkGQrRa0kfzHLmV9sFEUfByworA5GBffziiDxj8wVqN0SayfzLutv8l85JFGnxEGGP7-koukfKynmMMtK6zJiVEW6lcmsumbd22Hgay_HZsegTGwJcpQsJOa0Q1J8N7crVFF-6qQyVzXL16JjsHWEqj33qbvqOfPo4DtaWCRHdJrIUlnjAv8w_kxcNY_SF0n-HyRaPe_rzYCb_vF-1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140543294ec5782246b2b4dff96d4a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9f84798c49c8cfd8146e37ce70c0028c59029397220919eaa1de0e0b1f1cd19d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABA; OXPCLK=AAHg4AAAAAAAAABA; ppucnt=64
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABA; OXPCLK=AAHg4AAAAAAAAABA; ppucnt=64
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=bjCTFwTDaX_hz2WeQhyE1pPXQL_n7an3nn-cCxoQteDD5Tj43aAO2DB6x2pGtP-7Y7uGdwgOH9RohP1uf3-R6BmDkOUTMrjKEznP4FeP5N2buNF2QhJ5hKdSPVV9VN0sLtBHgjJpMjYJttNlsCOAmHXA3y3hq6AnqEpvQPK6wLZBHaM0DzlrwG4t3DE0-lGtlIVbgvQ3AwHouL_QUzI_b-xiHiAafqIG1JCgmTzJzV7lVr0eCQUc8u8d8N6Y_bkbF4fdtnxsm0T9OOqXRJLfOJq6cC3Vl0hd-k9_S9bHynFrpOIbZxRtsqGRn2HKL6pqRU1uD9sRK72lB6WNuvT45hP5sbCuXVidrYIuUkiBHTQkPJ1XYTPFTnAZzQID-5bTEEQd9r0TlTJm8AKcKobybXvxYPhWa2pSnlki9ZytebVQSK9K-jcwQmRmvJnpNjZskZcgfmh4yCQALpDqP5hC1fG5GPHOJquhNeNPlSdlyXdsyMiUGOdktG-XUF4uCOAqYlx1PKd1LJI6ywwjUYkIEo2wt4XXg8Z55BnmUwUPHJtR1dyNrUKLNdbZWRZ57ECnlR23Te6aJ_bGnhYEgXHMCOMFFfn8wNPKca2yd6BibgoNbkW7owodhukgQmJYyk2S2h3O3FHu5kq9nKkdqCdhpsjOf8l6snGOmMYn&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
140b064871ee16fa14be37306c2b8da34daddf18a8957e4363c6a69ae98e7d45

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=bjCTFwTDaX_hz2WeQhyE1pPXQL_n7an3nn-cCxoQteDD5Tj43aAO2DB6x2pGtP-7Y7uGdwgOH9RohP1uf3-R6BmDkOUTMrjKEznP4FeP5N2buNF2QhJ5hKdSPVV9VN0sLtBHgjJpMjYJttNlsCOAmHXA3y3hq6AnqEpvQPK6wLZBHaM0DzlrwG4t3DE0-lGtlIVbgvQ3AwHouL_QUzI_b-xiHiAafqIG1JCgmTzJzV7lVr0eCQUc8u8d8N6Y_bkbF4fdtnxsm0T9OOqXRJLfOJq6cC3Vl0hd-k9_S9bHynFrpOIbZxRtsqGRn2HKL6pqRU1uD9sRK72lB6WNuvT45hP5sbCuXVidrYIuUkiBHTQkPJ1XYTPFTnAZzQID-5bTEEQd9r0TlTJm8AKcKobybXvxYPhWa2pSnlki9ZytebVQSK9K-jcwQmRmvJnpNjZskZcgfmh4yCQALpDqP5hC1fG5GPHOJquhNeNPlSdlyXdsyMiUGOdktG-XUF4uCOAqYlx1PKd1LJI6ywwjUYkIEo2wt4XXg8Z55BnmUwUPHJtR1dyNrUKLNdbZWRZ57ECnlR23Te6aJ_bGnhYEgXHMCOMFFfn8wNPKca2yd6BibgoNbkW7owodhukgQmJYyk2S2h3O3FHu5kq9nKkdqCdhpsjOf8l6snGOmMYn&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABA; OXPCLK=AAHg4AAAAAAAAABA; ppucnt=64
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABB; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABB; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=65; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=bjCTFwTDaX_hz2WeQhyE1pPXQL_n7an3nn-cCxoQteDD5Tj43aAO2DB6x2pGtP-7Y7uGdwgOH9RohP1uf3-R6BmDkOUTMrjKEznP4FeP5N2buNF2QhJ5hKdSPVV9VN0sLtBHgjJpMjYJttNlsCOAmHXA3y3hq6AnqEpvQPK6wLZBHaM0DzlrwG4t3DE0-lGtlIVbgvQ3AwHouL_QUzI_b-xiHiAafqIG1JCgmTzJzV7lVr0eCQUc8u8d8N6Y_bkbF4fdtnxsm0T9OOqXRJLfOJq6cC3Vl0hd-k9_S9bHynFrpOIbZxRtsqGRn2HKL6pqRU1uD9sRK72lB6WNuvT45hP5sbCuXVidrYIuUkiBHTQkPJ1XYTPFTnAZzQID-5bTEEQd9r0TlTJm8AKcKobybXvxYPhWa2pSnlki9ZytebVQSK9K-jcwQmRmvJnpNjZskZcgfmh4yCQALpDqP5hC1fG5GPHOJquhNeNPlSdlyXdsyMiUGOdktG-XUF4uCOAqYlx1PKd1LJI6ywwjUYkIEo2wt4XXg8Z55BnmUwUPHJtR1dyNrUKLNdbZWRZ57ECnlR23Te6aJ_bGnhYEgXHMCOMFFfn8wNPKca2yd6BibgoNbkW7owodhukgQmJYyk2S2h3O3FHu5kq9nKkdqCdhpsjOf8l6snGOmMYn&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c40e83eb43004fddbac6be82dc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e566eacd43e0476853359a5546a602bdc6fe8b7bd296e4e9862c165fbd1721bf

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABB; OXPCLK=AAHg4AAAAAAAAABB; ppucnt=65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABB; OXPCLK=AAHg4AAAAAAAAABB; ppucnt=65
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=g0fGVv1yJH_UxO-ADJx67KpUINaCDMQjac7i0KHLBHwTPXkrEunRaKvSH51JZ83W4izOfxlwPdy0IzDv5iRSETj0hsXXNLpEDRK6bQGagrNUzuJUMOvC0I4yJekVWvJdg5_wsFtYcnfyb_iG_r3yyknwQXxAeJfcoEz4E3ZJ5h-sW6cIMz8K1WWCSUwO882w2ykSIA2L--uENJTXTMQkksh6MaFz8od8xQvF8vekTTK5OK-ntZ53V0xeLv6IgLTZ3jvcK7y3XsdeEpRTcE3wiBnk0QGHpSl26r3NCqgoWswHyH0Cj7IhCBgcsA5Q1V2ZHnfVy-3E3TuCtqPahrf3QlvZqtlc5MeYr-jzqQ7RPJndmxjxYtZn547QjeoL8BJQNmt0Ko9Vf5dk12zB1Ab_jjgR_3ki76xHk187WSkG8JTSEG3NdLgz5cKLsRq2TCJ19lLaUbvwONkv6H1jIaIc0gzAfs3NRFCJ657bXgIpVV8FAm9yj2LmNf73gAWim699coJLCJlqySpWeBjqKj4_VAPJfEkEe2gmNQOIuALiWg9qEHZ5lTz8SjnDuhQU06yDvhme-x2P-79NbWQI6f0LK6XptR-em0oHeDw1nvcZ8w7nCDjNx5bfMi9OY5y0LtV5ODubz1JchiMpoFg-jPHL0WKezB9ktt0NXZrx&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
058cdb9228795cb099d292f06ed282705208e00f7ae7d2e957a708f2453d60df

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=g0fGVv1yJH_UxO-ADJx67KpUINaCDMQjac7i0KHLBHwTPXkrEunRaKvSH51JZ83W4izOfxlwPdy0IzDv5iRSETj0hsXXNLpEDRK6bQGagrNUzuJUMOvC0I4yJekVWvJdg5_wsFtYcnfyb_iG_r3yyknwQXxAeJfcoEz4E3ZJ5h-sW6cIMz8K1WWCSUwO882w2ykSIA2L--uENJTXTMQkksh6MaFz8od8xQvF8vekTTK5OK-ntZ53V0xeLv6IgLTZ3jvcK7y3XsdeEpRTcE3wiBnk0QGHpSl26r3NCqgoWswHyH0Cj7IhCBgcsA5Q1V2ZHnfVy-3E3TuCtqPahrf3QlvZqtlc5MeYr-jzqQ7RPJndmxjxYtZn547QjeoL8BJQNmt0Ko9Vf5dk12zB1Ab_jjgR_3ki76xHk187WSkG8JTSEG3NdLgz5cKLsRq2TCJ19lLaUbvwONkv6H1jIaIc0gzAfs3NRFCJ657bXgIpVV8FAm9yj2LmNf73gAWim699coJLCJlqySpWeBjqKj4_VAPJfEkEe2gmNQOIuALiWg9qEHZ5lTz8SjnDuhQU06yDvhme-x2P-79NbWQI6f0LK6XptR-em0oHeDw1nvcZ8w7nCDjNx5bfMi9OY5y0LtV5ODubz1JchiMpoFg-jPHL0WKezB9ktt0NXZrx&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABB; OXPCLK=AAHg4AAAAAAAAABB; ppucnt=65

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABC; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABC; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=66; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=g0fGVv1yJH_UxO-ADJx67KpUINaCDMQjac7i0KHLBHwTPXkrEunRaKvSH51JZ83W4izOfxlwPdy0IzDv5iRSETj0hsXXNLpEDRK6bQGagrNUzuJUMOvC0I4yJekVWvJdg5_wsFtYcnfyb_iG_r3yyknwQXxAeJfcoEz4E3ZJ5h-sW6cIMz8K1WWCSUwO882w2ykSIA2L--uENJTXTMQkksh6MaFz8od8xQvF8vekTTK5OK-ntZ53V0xeLv6IgLTZ3jvcK7y3XsdeEpRTcE3wiBnk0QGHpSl26r3NCqgoWswHyH0Cj7IhCBgcsA5Q1V2ZHnfVy-3E3TuCtqPahrf3QlvZqtlc5MeYr-jzqQ7RPJndmxjxYtZn547QjeoL8BJQNmt0Ko9Vf5dk12zB1Ab_jjgR_3ki76xHk187WSkG8JTSEG3NdLgz5cKLsRq2TCJ19lLaUbvwONkv6H1jIaIc0gzAfs3NRFCJ657bXgIpVV8FAm9yj2LmNf73gAWim699coJLCJlqySpWeBjqKj4_VAPJfEkEe2gmNQOIuALiWg9qEHZ5lTz8SjnDuhQU06yDvhme-x2P-79NbWQI6f0LK6XptR-em0oHeDw1nvcZ8w7nCDjNx5bfMi9OY5y0LtV5ODubz1JchiMpoFg-jPHL0WKezB9ktt0NXZrx&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a3eac7ba839e4302bcaa59e65c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2fd98c0a4eacd4380f49b85778736db1111b6c8ae6468263ddcebac9c86e8408

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABC; OXPCLK=AAHg4AAAAAAAAABC; ppucnt=66

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABC; OXPCLK=AAHg4AAAAAAAAABC; ppucnt=66
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=Zrb0hceFVaSvSQuDYbL8EUvH0tHXWD7qKIBwLhyVUKBCOZ28tquyr5COydRTfPoBcqnoWnpHn1CDl1UB3dxRH2uYSJiM2H4UImEZDVpnraYkFW8DVEAJ7xFy3OBm6krPLj1BNkrLf9LYKJjQygvcHa78RHQeMR0cYSuBbEpsZq47PQ_f49PEAWDDivCAAm9jBVTmllPjj8lHj-B93NWVC0F5CFhTec0f4f7yw9Y_qFKkea27Nxpp3ittC4h0YuQRyOfepVuad1EVJsdu05tMYxbemhTMa9qJRSpD0HNA_uLU7AolnD1ovHAotknAs6ms1l1l4j9tmW4DezMwMPM62uMhR9XF3ikOJ-RS0jn_mfdvG0BjvOTcc6UPjdbtE7oK7X9o3lie5Ra1criIgJDFiXKcEgWZisdbuyloUdciVK4O1hx42MqCsBPkIafBiv7dA0Gmr6xludZLiZ25el-KfokC0-WkWntxInGWcPTXdZzvlyPt2o6B_YAxI9kjk6fjCUFnUzDWZyGa5VhrRSK-IrKg1I8oWUs-pq0dvOXL4Cq9KiQpMVQgmOaAUUrHKo458wZwD0TNoEOO_7ggNqPIZuEDcEyRagSLJuQz8tA0J_GHEaYqwYzelmHG-Mkm25koDk3cB9rSmz-p0A3bEqrJORU6q5Mg3jdvDLuH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=Zrb0hceFVaSvSQuDYbL8EUvH0tHXWD7qKIBwLhyVUKBCOZ28tquyr5COydRTfPoBcqnoWnpHn1CDl1UB3dxRH2uYSJiM2H4UImEZDVpnraYkFW8DVEAJ7xFy3OBm6krPLj1BNkrLf9LYKJjQygvcHa78RHQeMR0cYSuBbEpsZq47PQ_f49PEAWDDivCAAm9jBVTmllPjj8lHj-B93NWVC0F5CFhTec0f4f7yw9Y_qFKkea27Nxpp3ittC4h0YuQRyOfepVuad1EVJsdu05tMYxbemhTMa9qJRSpD0HNA_uLU7AolnD1ovHAotknAs6ms1l1l4j9tmW4DezMwMPM62uMhR9XF3ikOJ-RS0jn_mfdvG0BjvOTcc6UPjdbtE7oK7X9o3lie5Ra1criIgJDFiXKcEgWZisdbuyloUdciVK4O1hx42MqCsBPkIafBiv7dA0Gmr6xludZLiZ25el-KfokC0-WkWntxInGWcPTXdZzvlyPt2o6B_YAxI9kjk6fjCUFnUzDWZyGa5VhrRSK-IrKg1I8oWUs-pq0dvOXL4Cq9KiQpMVQgmOaAUUrHKo458wZwD0TNoEOO_7ggNqPIZuEDcEyRagSLJuQz8tA0J_GHEaYqwYzelmHG-Mkm25koDk3cB9rSmz-p0A3bEqrJORU6q5Mg3jdvDLuH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABC; OXPCLK=AAHg4AAAAAAAAABC; ppucnt=66

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABD; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABD; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
ppucnt=67; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:42 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=Zrb0hceFVaSvSQuDYbL8EUvH0tHXWD7qKIBwLhyVUKBCOZ28tquyr5COydRTfPoBcqnoWnpHn1CDl1UB3dxRH2uYSJiM2H4UImEZDVpnraYkFW8DVEAJ7xFy3OBm6krPLj1BNkrLf9LYKJjQygvcHa78RHQeMR0cYSuBbEpsZq47PQ_f49PEAWDDivCAAm9jBVTmllPjj8lHj-B93NWVC0F5CFhTec0f4f7yw9Y_qFKkea27Nxpp3ittC4h0YuQRyOfepVuad1EVJsdu05tMYxbemhTMa9qJRSpD0HNA_uLU7AolnD1ovHAotknAs6ms1l1l4j9tmW4DezMwMPM62uMhR9XF3ikOJ-RS0jn_mfdvG0BjvOTcc6UPjdbtE7oK7X9o3lie5Ra1criIgJDFiXKcEgWZisdbuyloUdciVK4O1hx42MqCsBPkIafBiv7dA0Gmr6xludZLiZ25el-KfokC0-WkWntxInGWcPTXdZzvlyPt2o6B_YAxI9kjk6fjCUFnUzDWZyGa5VhrRSK-IrKg1I8oWUs-pq0dvOXL4Cq9KiQpMVQgmOaAUUrHKo458wZwD0TNoEOO_7ggNqPIZuEDcEyRagSLJuQz8tA0J_GHEaYqwYzelmHG-Mkm25koDk3cB9rSmz-p0A3bEqrJORU6q5Mg3jdvDLuH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:42 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b3d79039ff7c4f7cb56e891c59&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:42 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:42 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d402a9b4f8988d6f871f1361f59fa08069b21126c6bdc8f1fb08041496054491

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABD; OXPCLK=AAHg4AAAAAAAAABD; ppucnt=67

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABD; OXPCLK=AAHg4AAAAAAAAABD; ppucnt=67
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=OC2cYObkbqS3ngAeP0UHbHSyAcoJKyYCWULV8n0fYI15SeYwrPuL_r7vcJ-dJM7H8satFqV9RgnkgTCPrfIT4dP54_ANIKyQVfjq_dOsoba9LxBJ1lL5Lz27ONfUQSvr8VD0iDAoXrttiG9Q6nYx1N3yuKBGHWsR7xFgS9tTuhgt6HNvN5Y6EwKmTScG3OZ0PZdzTydFZznyAVEFfCL_9rvh-CdhB6G2anHaGWJtOIR0is_VJIjp99UOVYxYjCHkESIb1EbtcQAcdXHOR08XFx-AWiRhVXC5pzG4ez1JWm6x1xMYLmcvXX0OlzPh_iSuESHYZnf_r-rY5xBivsVrpdTPs_LqRfMOdU88UHPLfAeqg7HG654D-B6mTAksMMB0KocIAXkCHHeGLJ1oa7fo6eMWNmx7E3_f22AkTpJRTPzgqBke4htiWqJETwVfTnx4qI3x94bj7xMOm6hlwKFQaJakyJVxnAlZm85s69LDEeJWznWzBkEE0oEXIHqRlrKkGn1oVw6B_uTZKW8-bEYkpbHQFgW237mEmK2wEoJiMIj9yngEJ-ZiV9TUhap_jNNX6rsgSxmdKz5diPTp-JuDyQhEQcIwg4LWziKRBdMtqEESnXcgoBdYkgbYMFFl7GBVsO57-aRk2vTLuvMfmfHsfGMB0x-CvnkkHsLO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6f841531fb7af420a0feabd081775ab0540c8f99f3de9fe6ecb605d100daafaa

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=OC2cYObkbqS3ngAeP0UHbHSyAcoJKyYCWULV8n0fYI15SeYwrPuL_r7vcJ-dJM7H8satFqV9RgnkgTCPrfIT4dP54_ANIKyQVfjq_dOsoba9LxBJ1lL5Lz27ONfUQSvr8VD0iDAoXrttiG9Q6nYx1N3yuKBGHWsR7xFgS9tTuhgt6HNvN5Y6EwKmTScG3OZ0PZdzTydFZznyAVEFfCL_9rvh-CdhB6G2anHaGWJtOIR0is_VJIjp99UOVYxYjCHkESIb1EbtcQAcdXHOR08XFx-AWiRhVXC5pzG4ez1JWm6x1xMYLmcvXX0OlzPh_iSuESHYZnf_r-rY5xBivsVrpdTPs_LqRfMOdU88UHPLfAeqg7HG654D-B6mTAksMMB0KocIAXkCHHeGLJ1oa7fo6eMWNmx7E3_f22AkTpJRTPzgqBke4htiWqJETwVfTnx4qI3x94bj7xMOm6hlwKFQaJakyJVxnAlZm85s69LDEeJWznWzBkEE0oEXIHqRlrKkGn1oVw6B_uTZKW8-bEYkpbHQFgW237mEmK2wEoJiMIj9yngEJ-ZiV9TUhap_jNNX6rsgSxmdKz5diPTp-JuDyQhEQcIwg4LWziKRBdMtqEESnXcgoBdYkgbYMFFl7GBVsO57-aRk2vTLuvMfmfHsfGMB0x-CvnkkHsLO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABD; OXPCLK=AAHg4AAAAAAAAABD; ppucnt=67

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABE; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABE; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
ppucnt=68; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=2b6e847cd8ead73b6283b63c1d8862101631480742&psp=OC2cYObkbqS3ngAeP0UHbHSyAcoJKyYCWULV8n0fYI15SeYwrPuL_r7vcJ-dJM7H8satFqV9RgnkgTCPrfIT4dP54_ANIKyQVfjq_dOsoba9LxBJ1lL5Lz27ONfUQSvr8VD0iDAoXrttiG9Q6nYx1N3yuKBGHWsR7xFgS9tTuhgt6HNvN5Y6EwKmTScG3OZ0PZdzTydFZznyAVEFfCL_9rvh-CdhB6G2anHaGWJtOIR0is_VJIjp99UOVYxYjCHkESIb1EbtcQAcdXHOR08XFx-AWiRhVXC5pzG4ez1JWm6x1xMYLmcvXX0OlzPh_iSuESHYZnf_r-rY5xBivsVrpdTPs_LqRfMOdU88UHPLfAeqg7HG654D-B6mTAksMMB0KocIAXkCHHeGLJ1oa7fo6eMWNmx7E3_f22AkTpJRTPzgqBke4htiWqJETwVfTnx4qI3x94bj7xMOm6hlwKFQaJakyJVxnAlZm85s69LDEeJWznWzBkEE0oEXIHqRlrKkGn1oVw6B_uTZKW8-bEYkpbHQFgW237mEmK2wEoJiMIj9yngEJ-ZiV9TUhap_jNNX6rsgSxmdKz5diPTp-JuDyQhEQcIwg4LWziKRBdMtqEESnXcgoBdYkgbYMFFl7GBVsO57-aRk2vTLuvMfmfHsfGMB0x-CvnkkHsLO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405dd60741c5018423796928d93fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b66416868f1a0865fcb0c6f66bdc1d32faf7b75f6e1a1b7517c3b782ac9a5de

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABE; OXPCLK=AAHg4AAAAAAAAABE; ppucnt=68
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABE; OXPCLK=AAHg4AAAAAAAAABE; ppucnt=68
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=v_-GL14RbP49TvtDFshJxR2mqSiNKEriPK6QyCxvI8odk1xSlh4CTX71dP5EIb7Um3gcL0WQbSU5gMCUyJvgDyDLDMAU693LcontmmtX0pWVnYa91AmRreIQ_c8O7qZ5_Wuhcc83SWfcYykhlROydr3J7chY4krYepIcIwmg2w_GezRPyxboRtZlH2VrnlJTonUVx3S3XF84bm4rKD856Y3vesFs28zUYiaVZVjdvHP9EsvBQajRe7MV_epdrj3XtKrbVL_ZJBhG9pvsWn8Y9qHhjU3aNZERL5_ok4gEmEIMZkOaaIJ5woEawCsDiDBNCdg1nDqb0LxylgJJZ2x3HnzYyanj5pfWIlLp4CQ9ULXu0LvXmGyL1DUm_-pHIBYb7iWcqBxhZPzlpvupNDi3Tpub-hGsYMHNDa9I-8lRRF9KCiHywfYBx1sgs9vNIQJcMR3ypcqRuGNToe-lJ887pz5D-XAnImaJUH0TGS31uvTds8Bg2WZOutIKrKz-HHJeNu_ptDZmOX42iOlC_kBZF2WVHcxktycue5oH5lrmjrHieVe7LK0V0sRwenByZpgFTEmZ-UtlOJvnqcK5-wLGeXg4XdbVUXbx6uAj7NWwjGm1v3dfdU_qUYokGv8iuFeR110U3b93aAO7uhYis2MFJecz4_Jmg7LXGc9M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0553470cf550e2b8a8802d8e6e054fd018b2fe8b9ef32b8f7be2192cc17488ed

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=v_-GL14RbP49TvtDFshJxR2mqSiNKEriPK6QyCxvI8odk1xSlh4CTX71dP5EIb7Um3gcL0WQbSU5gMCUyJvgDyDLDMAU693LcontmmtX0pWVnYa91AmRreIQ_c8O7qZ5_Wuhcc83SWfcYykhlROydr3J7chY4krYepIcIwmg2w_GezRPyxboRtZlH2VrnlJTonUVx3S3XF84bm4rKD856Y3vesFs28zUYiaVZVjdvHP9EsvBQajRe7MV_epdrj3XtKrbVL_ZJBhG9pvsWn8Y9qHhjU3aNZERL5_ok4gEmEIMZkOaaIJ5woEawCsDiDBNCdg1nDqb0LxylgJJZ2x3HnzYyanj5pfWIlLp4CQ9ULXu0LvXmGyL1DUm_-pHIBYb7iWcqBxhZPzlpvupNDi3Tpub-hGsYMHNDa9I-8lRRF9KCiHywfYBx1sgs9vNIQJcMR3ypcqRuGNToe-lJ887pz5D-XAnImaJUH0TGS31uvTds8Bg2WZOutIKrKz-HHJeNu_ptDZmOX42iOlC_kBZF2WVHcxktycue5oH5lrmjrHieVe7LK0V0sRwenByZpgFTEmZ-UtlOJvnqcK5-wLGeXg4XdbVUXbx6uAj7NWwjGm1v3dfdU_qUYokGv8iuFeR110U3b93aAO7uhYis2MFJecz4_Jmg7LXGc9M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABE; OXPCLK=AAHg4AAAAAAAAABE; ppucnt=68
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABF; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABF; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
ppucnt=69; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=v_-GL14RbP49TvtDFshJxR2mqSiNKEriPK6QyCxvI8odk1xSlh4CTX71dP5EIb7Um3gcL0WQbSU5gMCUyJvgDyDLDMAU693LcontmmtX0pWVnYa91AmRreIQ_c8O7qZ5_Wuhcc83SWfcYykhlROydr3J7chY4krYepIcIwmg2w_GezRPyxboRtZlH2VrnlJTonUVx3S3XF84bm4rKD856Y3vesFs28zUYiaVZVjdvHP9EsvBQajRe7MV_epdrj3XtKrbVL_ZJBhG9pvsWn8Y9qHhjU3aNZERL5_ok4gEmEIMZkOaaIJ5woEawCsDiDBNCdg1nDqb0LxylgJJZ2x3HnzYyanj5pfWIlLp4CQ9ULXu0LvXmGyL1DUm_-pHIBYb7iWcqBxhZPzlpvupNDi3Tpub-hGsYMHNDa9I-8lRRF9KCiHywfYBx1sgs9vNIQJcMR3ypcqRuGNToe-lJ887pz5D-XAnImaJUH0TGS31uvTds8Bg2WZOutIKrKz-HHJeNu_ptDZmOX42iOlC_kBZF2WVHcxktycue5oH5lrmjrHieVe7LK0V0sRwenByZpgFTEmZ-UtlOJvnqcK5-wLGeXg4XdbVUXbx6uAj7NWwjGm1v3dfdU_qUYokGv8iuFeR110U3b93aAO7uhYis2MFJecz4_Jmg7LXGc9M&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054c28a4c907eb4960ad476af427&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0a2873cd83111d954719eaf42b4b37538b57415356c2d9f963d42bb0d9f6ceb0

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABF; OXPCLK=AAHg4AAAAAAAAABF; ppucnt=69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABF; OXPCLK=AAHg4AAAAAAAAABF; ppucnt=69
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=p_5CD-0e46cukgkaPJyYw9mK456zXArmtcoLuE91Gk3ZXaXsI98sUEplkIvFkwExzUDSNgL8r9BO7tMFdF9Fa-5FJWikXaa0vhdugmnkut6kGTVvYbkMFx_DQ9t915IRVukF_vka2Nwq3JPRb9LcyxET4QwZzpJHMkFJ-CA_Z5khUCSMuI7EiYd8umT4bxAIgGUzpvgXz8ZxlmlCzYPzlPffNrXU9orAH7a-8azgy2v2QJCxD9jFs5C43QE74ubA9SFvwcXJ2eaZtNntvH-KNXJzXJU5JvUyMpUp7Z2Ju7I9gVdWQ7Mnvvo0be0NGzhnad5ksJFn5u8PIt8Gfzlr6OSm3k5XnCZQrbgK_NhXmRRUQ6bHNiQNOJLjI_r4LFn9_4jvW5cq_q0Ag4FbdihYsCakY7rcIQVq4NeczRF4__H02S_E_J08nb6_j5eRlxMNY3jnqBQsn19kIcYyhSPbTCOg6z3pbxY2Hio3yz95ZjxmufBIeH0wayew4zgRv5gS6PJqz2BrlHLcZuRDQJu2mw_VYZppKVTJA9vQL6jKWtAZfpRC-CZdqdxTyq9tnASU8A-lL5guFP0gIm9SzziluyR-W7DCkZTLz6J0yHlJ5ac_7b_tyLiSDyPX_ixd_6hag6kOMit-GdWeicXWcscpB7-1Xq_6O2sorMt8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f971a8dd8d725f3788e9e6472c7b3d0ad548f96b599662f3f05ff58d989703c2

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=p_5CD-0e46cukgkaPJyYw9mK456zXArmtcoLuE91Gk3ZXaXsI98sUEplkIvFkwExzUDSNgL8r9BO7tMFdF9Fa-5FJWikXaa0vhdugmnkut6kGTVvYbkMFx_DQ9t915IRVukF_vka2Nwq3JPRb9LcyxET4QwZzpJHMkFJ-CA_Z5khUCSMuI7EiYd8umT4bxAIgGUzpvgXz8ZxlmlCzYPzlPffNrXU9orAH7a-8azgy2v2QJCxD9jFs5C43QE74ubA9SFvwcXJ2eaZtNntvH-KNXJzXJU5JvUyMpUp7Z2Ju7I9gVdWQ7Mnvvo0be0NGzhnad5ksJFn5u8PIt8Gfzlr6OSm3k5XnCZQrbgK_NhXmRRUQ6bHNiQNOJLjI_r4LFn9_4jvW5cq_q0Ag4FbdihYsCakY7rcIQVq4NeczRF4__H02S_E_J08nb6_j5eRlxMNY3jnqBQsn19kIcYyhSPbTCOg6z3pbxY2Hio3yz95ZjxmufBIeH0wayew4zgRv5gS6PJqz2BrlHLcZuRDQJu2mw_VYZppKVTJA9vQL6jKWtAZfpRC-CZdqdxTyq9tnASU8A-lL5guFP0gIm9SzziluyR-W7DCkZTLz6J0yHlJ5ac_7b_tyLiSDyPX_ixd_6hag6kOMit-GdWeicXWcscpB7-1Xq_6O2sorMt8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABF; OXPCLK=AAHg4AAAAAAAAABF; ppucnt=69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABG; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABG; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
ppucnt=70; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=p_5CD-0e46cukgkaPJyYw9mK456zXArmtcoLuE91Gk3ZXaXsI98sUEplkIvFkwExzUDSNgL8r9BO7tMFdF9Fa-5FJWikXaa0vhdugmnkut6kGTVvYbkMFx_DQ9t915IRVukF_vka2Nwq3JPRb9LcyxET4QwZzpJHMkFJ-CA_Z5khUCSMuI7EiYd8umT4bxAIgGUzpvgXz8ZxlmlCzYPzlPffNrXU9orAH7a-8azgy2v2QJCxD9jFs5C43QE74ubA9SFvwcXJ2eaZtNntvH-KNXJzXJU5JvUyMpUp7Z2Ju7I9gVdWQ7Mnvvo0be0NGzhnad5ksJFn5u8PIt8Gfzlr6OSm3k5XnCZQrbgK_NhXmRRUQ6bHNiQNOJLjI_r4LFn9_4jvW5cq_q0Ag4FbdihYsCakY7rcIQVq4NeczRF4__H02S_E_J08nb6_j5eRlxMNY3jnqBQsn19kIcYyhSPbTCOg6z3pbxY2Hio3yz95ZjxmufBIeH0wayew4zgRv5gS6PJqz2BrlHLcZuRDQJu2mw_VYZppKVTJA9vQL6jKWtAZfpRC-CZdqdxTyq9tnASU8A-lL5guFP0gIm9SzziluyR-W7DCkZTLz6J0yHlJ5ac_7b_tyLiSDyPX_ixd_6hag6kOMit-GdWeicXWcscpB7-1Xq_6O2sorMt8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405565ec4954fb4474ea03c5fb390&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
46ed1a620db58bf83eb3e2f0c966bb0e1afb889e6a0657bd7babe57d8719d683

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABG; OXPCLK=AAHg4AAAAAAAAABG; ppucnt=70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABG; OXPCLK=AAHg4AAAAAAAAABG; ppucnt=70
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=A1IgcBPXr-vKtEX1fZZbTIf05rL42BERjHZQGyaoNWMHoGNDRh7C5x7ZFenSaGUl84gUdy2k2Yh6iuuV2Hr1S2ZGjYNIC__quhY8bBx2uAXQ4emmFKRQzJJn5DBZyCqgSRSv-_lvBUEb-UqYZLObIFhEdfhrjB5B5eG2W-Ct18-8zJyrB1Dqgj1Ps3uwYVD6TLVa-E5Y7leD5M7nsd6g0PYj7KlvmnozqZPoouadgakwVgtoS2DeIsing9yjC6e-XD_KQ2SKLcredjvG0U-OwbHHxM_oCHri3WjUZ_i5wtbJ8vJNBFQR3Xdut4M1MallpH9h9sT_6Vu4DDuEJsham1TNAqfHfMnICxQttAhcLmTMXF8a0nTGlZ18uVTCib_ZD61P7yV38wp4k0peHaVF8fTH6BRbEuIZo_vrANwujFzD766H8NHrjROsSXJzefNHfqFHGQF32DQjLnP2e8XvCB9j9EvfJLzRnKw71Wh-FnKl4QaaXOoo0trbd_B9uKXs5fsZMmwBQHbhNBTKgnLXs5H55vPpZCq2uNe10fIX4ruSkQWjuH_X9dEETibqeCVciHdCHO7G0ETuS_PKBskMcqPYLjnHX__Q2DpCouiRJ1oirUNZlsGFiV4qRD6DtzTPS0USXBIaT_kGHNeOs0kCPg8XLLmI4CIegQDG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2e9eedda1b361c71cda243e9ec4dba6f3d359fb0fbea3d233f10670ba2af1f1a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=A1IgcBPXr-vKtEX1fZZbTIf05rL42BERjHZQGyaoNWMHoGNDRh7C5x7ZFenSaGUl84gUdy2k2Yh6iuuV2Hr1S2ZGjYNIC__quhY8bBx2uAXQ4emmFKRQzJJn5DBZyCqgSRSv-_lvBUEb-UqYZLObIFhEdfhrjB5B5eG2W-Ct18-8zJyrB1Dqgj1Ps3uwYVD6TLVa-E5Y7leD5M7nsd6g0PYj7KlvmnozqZPoouadgakwVgtoS2DeIsing9yjC6e-XD_KQ2SKLcredjvG0U-OwbHHxM_oCHri3WjUZ_i5wtbJ8vJNBFQR3Xdut4M1MallpH9h9sT_6Vu4DDuEJsham1TNAqfHfMnICxQttAhcLmTMXF8a0nTGlZ18uVTCib_ZD61P7yV38wp4k0peHaVF8fTH6BRbEuIZo_vrANwujFzD766H8NHrjROsSXJzefNHfqFHGQF32DQjLnP2e8XvCB9j9EvfJLzRnKw71Wh-FnKl4QaaXOoo0trbd_B9uKXs5fsZMmwBQHbhNBTKgnLXs5H55vPpZCq2uNe10fIX4ruSkQWjuH_X9dEETibqeCVciHdCHO7G0ETuS_PKBskMcqPYLjnHX__Q2DpCouiRJ1oirUNZlsGFiV4qRD6DtzTPS0USXBIaT_kGHNeOs0kCPg8XLLmI4CIegQDG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABG; OXPCLK=AAHg4AAAAAAAAABG; ppucnt=70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABH; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABH; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
ppucnt=71; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=A1IgcBPXr-vKtEX1fZZbTIf05rL42BERjHZQGyaoNWMHoGNDRh7C5x7ZFenSaGUl84gUdy2k2Yh6iuuV2Hr1S2ZGjYNIC__quhY8bBx2uAXQ4emmFKRQzJJn5DBZyCqgSRSv-_lvBUEb-UqYZLObIFhEdfhrjB5B5eG2W-Ct18-8zJyrB1Dqgj1Ps3uwYVD6TLVa-E5Y7leD5M7nsd6g0PYj7KlvmnozqZPoouadgakwVgtoS2DeIsing9yjC6e-XD_KQ2SKLcredjvG0U-OwbHHxM_oCHri3WjUZ_i5wtbJ8vJNBFQR3Xdut4M1MallpH9h9sT_6Vu4DDuEJsham1TNAqfHfMnICxQttAhcLmTMXF8a0nTGlZ18uVTCib_ZD61P7yV38wp4k0peHaVF8fTH6BRbEuIZo_vrANwujFzD766H8NHrjROsSXJzefNHfqFHGQF32DQjLnP2e8XvCB9j9EvfJLzRnKw71Wh-FnKl4QaaXOoo0trbd_B9uKXs5fsZMmwBQHbhNBTKgnLXs5H55vPpZCq2uNe10fIX4ruSkQWjuH_X9dEETibqeCVciHdCHO7G0ETuS_PKBskMcqPYLjnHX__Q2DpCouiRJ1oirUNZlsGFiV4qRD6DtzTPS0USXBIaT_kGHNeOs0kCPg8XLLmI4CIegQDG&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214054faa1ced07714623b386a1e0db&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
55bc867ebbf579a6360843d2a1d3cc61b330d264a66a5ebc085932785f6c896c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABH; OXPCLK=AAHg4AAAAAAAAABH; ppucnt=71
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABH; OXPCLK=AAHg4AAAAAAAAABH; ppucnt=71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=5N_yjzwN-7pwtsZIBNMa8cTkf9TMGDO4MK25RoG7QFYhWbWXBzItekO9Y-W6qLegJ-WTr6GdjceczYL80R5wwCHM1oSEUmyPm-me0NLRlscsgPWraRk3dlz21fhlZd8sPhJCveIuH-Smvvt-OWbY7TUh9k74zeIzIn_vDZKHnCa_EdWU4O10PF6eCj_59RwM2DlKkTGsnPeXZqj3WqDtbXgNxXA2kG-5abfOTljHzxLszJ98OYenrsEIRa2P8l5J_LZsKUJrPp-QaNx6nbb5k298M7OXAnALnAJCibhpBVS_tredl81sS6tPJ-y-5mCVCyqUepluBcWsSirz2B8Y2RcRVMGTW1BOl6rIZSEGMS4YGDiWuPzN6uTZBECvRML4CHCkIY6gU1OhncrcFZ89Ap3C7-GqmeHaPYwYKaUQyo7Lxtw91JtigGUN1tU3lVyMRavIoRJUsi_9K3soPy9rin-k6pqo-AqQ3d0xlhtNQAu5Idhvl5THeXG0w6brqk5zn_5Mg9eieT3a2v53__MYnDvLPNreHiiziGtPQDXEXeenp1-zW43mUkEjHXTTf7V-Lp9Sf5uhmB8LHCXsYxCgC4GpiqTGB7t0Hj2dC9uCwIjz_NUDJqXzNuzLYa0sktuX9vdU_6WDzbMZ0C5r0zWeHnOJ-sOF7szWPrKt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0f3a2d12cbd4328fca262e4b7b7cfa1c5481031f2de9fcae860af54394187d03

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=5N_yjzwN-7pwtsZIBNMa8cTkf9TMGDO4MK25RoG7QFYhWbWXBzItekO9Y-W6qLegJ-WTr6GdjceczYL80R5wwCHM1oSEUmyPm-me0NLRlscsgPWraRk3dlz21fhlZd8sPhJCveIuH-Smvvt-OWbY7TUh9k74zeIzIn_vDZKHnCa_EdWU4O10PF6eCj_59RwM2DlKkTGsnPeXZqj3WqDtbXgNxXA2kG-5abfOTljHzxLszJ98OYenrsEIRa2P8l5J_LZsKUJrPp-QaNx6nbb5k298M7OXAnALnAJCibhpBVS_tredl81sS6tPJ-y-5mCVCyqUepluBcWsSirz2B8Y2RcRVMGTW1BOl6rIZSEGMS4YGDiWuPzN6uTZBECvRML4CHCkIY6gU1OhncrcFZ89Ap3C7-GqmeHaPYwYKaUQyo7Lxtw91JtigGUN1tU3lVyMRavIoRJUsi_9K3soPy9rin-k6pqo-AqQ3d0xlhtNQAu5Idhvl5THeXG0w6brqk5zn_5Mg9eieT3a2v53__MYnDvLPNreHiiziGtPQDXEXeenp1-zW43mUkEjHXTTf7V-Lp9Sf5uhmB8LHCXsYxCgC4GpiqTGB7t0Hj2dC9uCwIjz_NUDJqXzNuzLYa0sktuX9vdU_6WDzbMZ0C5r0zWeHnOJ-sOF7szWPrKt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABH; OXPCLK=AAHg4AAAAAAAAABH; ppucnt=71
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABI; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABI; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
ppucnt=72; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=5N_yjzwN-7pwtsZIBNMa8cTkf9TMGDO4MK25RoG7QFYhWbWXBzItekO9Y-W6qLegJ-WTr6GdjceczYL80R5wwCHM1oSEUmyPm-me0NLRlscsgPWraRk3dlz21fhlZd8sPhJCveIuH-Smvvt-OWbY7TUh9k74zeIzIn_vDZKHnCa_EdWU4O10PF6eCj_59RwM2DlKkTGsnPeXZqj3WqDtbXgNxXA2kG-5abfOTljHzxLszJ98OYenrsEIRa2P8l5J_LZsKUJrPp-QaNx6nbb5k298M7OXAnALnAJCibhpBVS_tredl81sS6tPJ-y-5mCVCyqUepluBcWsSirz2B8Y2RcRVMGTW1BOl6rIZSEGMS4YGDiWuPzN6uTZBECvRML4CHCkIY6gU1OhncrcFZ89Ap3C7-GqmeHaPYwYKaUQyo7Lxtw91JtigGUN1tU3lVyMRavIoRJUsi_9K3soPy9rin-k6pqo-AqQ3d0xlhtNQAu5Idhvl5THeXG0w6brqk5zn_5Mg9eieT3a2v53__MYnDvLPNreHiiziGtPQDXEXeenp1-zW43mUkEjHXTTf7V-Lp9Sf5uhmB8LHCXsYxCgC4GpiqTGB7t0Hj2dC9uCwIjz_NUDJqXzNuzLYa0sktuX9vdU_6WDzbMZ0C5r0zWeHnOJ-sOF7szWPrKt&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcd57fbd8ead464ab2acb30a79&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
104421e0b0ee6f8d87f6f45d18bc268314bb78772702147b08f4ab46e65d6c6d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABI; OXPCLK=AAHg4AAAAAAAAABI; ppucnt=72
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABI; OXPCLK=AAHg4AAAAAAAAABI; ppucnt=72
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=cruj045SzEFS2FNuF-N7KQ86wd3HRdDu2M5R-bmC6Q89pM1Kx8pK-7edBFV6EOw6L9whi30Oo-yFZMI7d2eOaKmeqkbYw9QG9O-9mxKKTHWUUPWwRs7T_WYwiMSAsq8IKd-EUInrlQPU-cds8P9acubLV_FwGEIsJJmWALE5wkmVVrkfRLl8HstLNhmSAZY_wezHWnR1QIqjGKLtMHiTC38R_74PDs0KEqSCbQxpHOvUAQ1sYGShNZNN977h41OFUMiZgMpMHtyHY1F4Mnrhebmm4iyAjENx3HJ1sDZujKJ_DsHHlqz1Vjv3p4tkxalNDOrDZJpyZ9v9p6N5-kwD8crQI3VC5B-ZxytpIvQBv_SUH5nC9utyGG0pxEFgY06JEVaHTk3rXx3-FMNGUbsOVU_QyBn9F8bFZWEJIKOYUaGDNryOg7c0Rq4F2kFAMi_0mf6a0px0k_sdyBvG107eU_Io8-PT5WQ5ji_zL1eFMp09LQuJ0FvrNH9hbc0DzNqsdLU6kgDAKJxy-WuvxO8QA-BlVkZon83hVBA9-5tWUqSapHY-ZyVsmx9lL0AYUAAivX3ma1Tjm3bEF86nn2-PP-P9hCjG8QURWkvGF2P_tVaXJxCDrMsjZE59ZcR6FSFmxqh5Pza8on500ujOkkPRm9wDzAsp3LxtWKeY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5846cb9521735e64088fbdcee22a20847a890dd6b6a2c40c7cc4521a57d5f5dd

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=cruj045SzEFS2FNuF-N7KQ86wd3HRdDu2M5R-bmC6Q89pM1Kx8pK-7edBFV6EOw6L9whi30Oo-yFZMI7d2eOaKmeqkbYw9QG9O-9mxKKTHWUUPWwRs7T_WYwiMSAsq8IKd-EUInrlQPU-cds8P9acubLV_FwGEIsJJmWALE5wkmVVrkfRLl8HstLNhmSAZY_wezHWnR1QIqjGKLtMHiTC38R_74PDs0KEqSCbQxpHOvUAQ1sYGShNZNN977h41OFUMiZgMpMHtyHY1F4Mnrhebmm4iyAjENx3HJ1sDZujKJ_DsHHlqz1Vjv3p4tkxalNDOrDZJpyZ9v9p6N5-kwD8crQI3VC5B-ZxytpIvQBv_SUH5nC9utyGG0pxEFgY06JEVaHTk3rXx3-FMNGUbsOVU_QyBn9F8bFZWEJIKOYUaGDNryOg7c0Rq4F2kFAMi_0mf6a0px0k_sdyBvG107eU_Io8-PT5WQ5ji_zL1eFMp09LQuJ0FvrNH9hbc0DzNqsdLU6kgDAKJxy-WuvxO8QA-BlVkZon83hVBA9-5tWUqSapHY-ZyVsmx9lL0AYUAAivX3ma1Tjm3bEF86nn2-PP-P9hCjG8QURWkvGF2P_tVaXJxCDrMsjZE59ZcR6FSFmxqh5Pza8on500ujOkkPRm9wDzAsp3LxtWKeY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABI; OXPCLK=AAHg4AAAAAAAAABI; ppucnt=72
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABJ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure OXPCLK=AAHg4AAAAAAAAABJ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure ppucnt=73; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=cruj045SzEFS2FNuF-N7KQ86wd3HRdDu2M5R-bmC6Q89pM1Kx8pK-7edBFV6EOw6L9whi30Oo-yFZMI7d2eOaKmeqkbYw9QG9O-9mxKKTHWUUPWwRs7T_WYwiMSAsq8IKd-EUInrlQPU-cds8P9acubLV_FwGEIsJJmWALE5wkmVVrkfRLl8HstLNhmSAZY_wezHWnR1QIqjGKLtMHiTC38R_74PDs0KEqSCbQxpHOvUAQ1sYGShNZNN977h41OFUMiZgMpMHtyHY1F4Mnrhebmm4iyAjENx3HJ1sDZujKJ_DsHHlqz1Vjv3p4tkxalNDOrDZJpyZ9v9p6N5-kwD8crQI3VC5B-ZxytpIvQBv_SUH5nC9utyGG0pxEFgY06JEVaHTk3rXx3-FMNGUbsOVU_QyBn9F8bFZWEJIKOYUaGDNryOg7c0Rq4F2kFAMi_0mf6a0px0k_sdyBvG107eU_Io8-PT5WQ5ji_zL1eFMp09LQuJ0FvrNH9hbc0DzNqsdLU6kgDAKJxy-WuvxO8QA-BlVkZon83hVBA9-5tWUqSapHY-ZyVsmx9lL0AYUAAivX3ma1Tjm3bEF86nn2-PP-P9hCjG8QURWkvGF2P_tVaXJxCDrMsjZE59ZcR6FSFmxqh5Pza8on500ujOkkPRm9wDzAsp3LxtWKeY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405fba0178f28914ee089fb2c663f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:43 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
508e408dad8ada23ba44feb7cd11b89d221d02d78e7b8c49a0360511e7c02e02

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABJ; OXPCLK=AAHg4AAAAAAAAABJ; ppucnt=73
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABJ; OXPCLK=AAHg4AAAAAAAAABJ; ppucnt=73
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=jQf_npfcx6srCy_P7irSW6MVDJtHZYpKuPpoQ1X0cLQJDUTnmkfyIPd8Aw-WVenAcIFGdFkuSOC4sYKm3zN1E2C5nk4naxGOQNImqZ4jcku76vKsqrurA-EdzY7w4Kxi0e6hw1xwCEEb0TZul3Nen2OJbfI5pZ_cTlsXcM9cp6SWz9Ure0ZXxxnxTUF1ONe7zYIGWBAf5XdeC_S44ViXu9f6ri9K6GAy6hH_9e4eH_VyU6kbE_YmuIuxaN2SqDDI_j0AvyCwbybuVDRParHuP5zfDvkwHf1fdgV47ysXevhC9hyaGO9UWEWx_-3s2cPFq0-Zxa6jcfOfrVu1PE3CXuyLxHfmwGvYSd5eJ0hLSB5K6s09XRhBqiUia5TYD0nIr9-YHvy-mUsvZ4iHqW18YV4_G1GFkrjJEtLKD3XWIiygipn-8fZYjyBTAyZ8GfTqxKS50LgieCzkT3fdNMPq3iCKH4arzpYsGaHvbhB9dghVdm15L6ZnXgw5tzbSE7xFeDZgMTyh6P56R1EbA1S_bMwYaOiQzjbfZ8lRzNCEh32_pZbuZ0jcsgPBNDtPCuOzGRNplEY3Fa7rFBU5ARc9OF0VW8RH6zqOju-iRzuwuJvoNn8coU3xrWo9XfgV4sBhCkd97eBryDrHb6RIEB4mZIiIQUEDsGfeJvSY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=jQf_npfcx6srCy_P7irSW6MVDJtHZYpKuPpoQ1X0cLQJDUTnmkfyIPd8Aw-WVenAcIFGdFkuSOC4sYKm3zN1E2C5nk4naxGOQNImqZ4jcku76vKsqrurA-EdzY7w4Kxi0e6hw1xwCEEb0TZul3Nen2OJbfI5pZ_cTlsXcM9cp6SWz9Ure0ZXxxnxTUF1ONe7zYIGWBAf5XdeC_S44ViXu9f6ri9K6GAy6hH_9e4eH_VyU6kbE_YmuIuxaN2SqDDI_j0AvyCwbybuVDRParHuP5zfDvkwHf1fdgV47ysXevhC9hyaGO9UWEWx_-3s2cPFq0-Zxa6jcfOfrVu1PE3CXuyLxHfmwGvYSd5eJ0hLSB5K6s09XRhBqiUia5TYD0nIr9-YHvy-mUsvZ4iHqW18YV4_G1GFkrjJEtLKD3XWIiygipn-8fZYjyBTAyZ8GfTqxKS50LgieCzkT3fdNMPq3iCKH4arzpYsGaHvbhB9dghVdm15L6ZnXgw5tzbSE7xFeDZgMTyh6P56R1EbA1S_bMwYaOiQzjbfZ8lRzNCEh32_pZbuZ0jcsgPBNDtPCuOzGRNplEY3Fa7rFBU5ARc9OF0VW8RH6zqOju-iRzuwuJvoNn8coU3xrWo9XfgV4sBhCkd97eBryDrHb6RIEB4mZIiIQUEDsGfeJvSY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABJ; OXPCLK=AAHg4AAAAAAAAABJ; ppucnt=73
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABK; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure OXPCLK=AAHg4AAAAAAAAABK; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure ppucnt=74; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:43 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=0aba1e8ebf161e6aeb28544a743cdf311631480743&psp=jQf_npfcx6srCy_P7irSW6MVDJtHZYpKuPpoQ1X0cLQJDUTnmkfyIPd8Aw-WVenAcIFGdFkuSOC4sYKm3zN1E2C5nk4naxGOQNImqZ4jcku76vKsqrurA-EdzY7w4Kxi0e6hw1xwCEEb0TZul3Nen2OJbfI5pZ_cTlsXcM9cp6SWz9Ure0ZXxxnxTUF1ONe7zYIGWBAf5XdeC_S44ViXu9f6ri9K6GAy6hH_9e4eH_VyU6kbE_YmuIuxaN2SqDDI_j0AvyCwbybuVDRParHuP5zfDvkwHf1fdgV47ysXevhC9hyaGO9UWEWx_-3s2cPFq0-Zxa6jcfOfrVu1PE3CXuyLxHfmwGvYSd5eJ0hLSB5K6s09XRhBqiUia5TYD0nIr9-YHvy-mUsvZ4iHqW18YV4_G1GFkrjJEtLKD3XWIiygipn-8fZYjyBTAyZ8GfTqxKS50LgieCzkT3fdNMPq3iCKH4arzpYsGaHvbhB9dghVdm15L6ZnXgw5tzbSE7xFeDZgMTyh6P56R1EbA1S_bMwYaOiQzjbfZ8lRzNCEh32_pZbuZ0jcsgPBNDtPCuOzGRNplEY3Fa7rFBU5ARc9OF0VW8RH6zqOju-iRzuwuJvoNn8coU3xrWo9XfgV4sBhCkd97eBryDrHb6RIEB4mZIiIQUEDsGfeJvSY&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:43 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:43 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058d2e949306944c30b13e8b7cb6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d1858244bb77b51eca33a36b0cb78537a61e360b8bca9505b775eb619c5aff10

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABK; OXPCLK=AAHg4AAAAAAAAABK; ppucnt=74
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABK; OXPCLK=AAHg4AAAAAAAAABK; ppucnt=74
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=TI_zKQYzVQTzFyxqHURJ0PotJOI6U0j8kSdCleL30892sIjm-BSfqbbGBdcf59N3n8Ft2ZfCXzCuZXSwr3S3pNufeVhLrkK1ABxonNOXhLolqdvsjgL738RGD_84T8HmmgtOV8sIBBMlTnc9ULi1m1wZDmyncCajm8zN62XpRyxPhfuSxQpyy2wWQi6Aj6WqCGDuOADHLtmNOSvVGFQsdFDSbaCfSIpxIsn3OEOVxLcJntfZ32BxAjNoa06f3oc9RGRqr1xjuAWLqPWEDw7rkgTf-6Qp5lr02qrz1c93_REjrLybsCSMpdumxixReu1Vu1doNrPrpbD7nqyD98NHdiTLyj16QZ9eKjxjImXcBR9r9O46iLNWHoV7lADldGolu7O78xyoabrobqGtxBl45EmJiZzTYUKhKoYB33-artwrNwAkYSLNwcezWAuhGt3vSemqLV3sFHTGdobqScuyw3oJFVS6qY-MlKODS9qTk0yWFWb_voOE8h9uX9bt13-wDKzxpP5NIp7KHvksGtXF2yE8kwI3wFS5ebvew759ZyYlvhbcNR0CzsSpGBWsj1AhvmyoVqggpPgkhGJz6-Qc33H9pFWIgqwJM3MWUEjMrGbqSl5gKLGNpFIpYw0X6oi07tkH5SbM7ZBC7Eyc7_85I_SQCcec4_o5vEO9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=TI_zKQYzVQTzFyxqHURJ0PotJOI6U0j8kSdCleL30892sIjm-BSfqbbGBdcf59N3n8Ft2ZfCXzCuZXSwr3S3pNufeVhLrkK1ABxonNOXhLolqdvsjgL738RGD_84T8HmmgtOV8sIBBMlTnc9ULi1m1wZDmyncCajm8zN62XpRyxPhfuSxQpyy2wWQi6Aj6WqCGDuOADHLtmNOSvVGFQsdFDSbaCfSIpxIsn3OEOVxLcJntfZ32BxAjNoa06f3oc9RGRqr1xjuAWLqPWEDw7rkgTf-6Qp5lr02qrz1c93_REjrLybsCSMpdumxixReu1Vu1doNrPrpbD7nqyD98NHdiTLyj16QZ9eKjxjImXcBR9r9O46iLNWHoV7lADldGolu7O78xyoabrobqGtxBl45EmJiZzTYUKhKoYB33-artwrNwAkYSLNwcezWAuhGt3vSemqLV3sFHTGdobqScuyw3oJFVS6qY-MlKODS9qTk0yWFWb_voOE8h9uX9bt13-wDKzxpP5NIp7KHvksGtXF2yE8kwI3wFS5ebvew759ZyYlvhbcNR0CzsSpGBWsj1AhvmyoVqggpPgkhGJz6-Qc33H9pFWIgqwJM3MWUEjMrGbqSl5gKLGNpFIpYw0X6oi07tkH5SbM7ZBC7Eyc7_85I_SQCcec4_o5vEO9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABK; OXPCLK=AAHg4AAAAAAAAABK; ppucnt=74
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABL; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABL; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
ppucnt=75; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=TI_zKQYzVQTzFyxqHURJ0PotJOI6U0j8kSdCleL30892sIjm-BSfqbbGBdcf59N3n8Ft2ZfCXzCuZXSwr3S3pNufeVhLrkK1ABxonNOXhLolqdvsjgL738RGD_84T8HmmgtOV8sIBBMlTnc9ULi1m1wZDmyncCajm8zN62XpRyxPhfuSxQpyy2wWQi6Aj6WqCGDuOADHLtmNOSvVGFQsdFDSbaCfSIpxIsn3OEOVxLcJntfZ32BxAjNoa06f3oc9RGRqr1xjuAWLqPWEDw7rkgTf-6Qp5lr02qrz1c93_REjrLybsCSMpdumxixReu1Vu1doNrPrpbD7nqyD98NHdiTLyj16QZ9eKjxjImXcBR9r9O46iLNWHoV7lADldGolu7O78xyoabrobqGtxBl45EmJiZzTYUKhKoYB33-artwrNwAkYSLNwcezWAuhGt3vSemqLV3sFHTGdobqScuyw3oJFVS6qY-MlKODS9qTk0yWFWb_voOE8h9uX9bt13-wDKzxpP5NIp7KHvksGtXF2yE8kwI3wFS5ebvew759ZyYlvhbcNR0CzsSpGBWsj1AhvmyoVqggpPgkhGJz6-Qc33H9pFWIgqwJM3MWUEjMrGbqSl5gKLGNpFIpYw0X6oi07tkH5SbM7ZBC7Eyc7_85I_SQCcec4_o5vEO9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ed7234166964ee48e487d9bae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABL; OXPCLK=AAHg4AAAAAAAAABL; ppucnt=75
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABL; OXPCLK=AAHg4AAAAAAAAABL; ppucnt=75
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=frVN9dNngGMYsPHwWWfdLBYOV9cV5pj0KkOGmiJ8UvaucWFoPJTU1MILrbWA9wyh9nRlBZuQ-JcTy5-VyFWcsU6NYPhWSsDl19I4ziSZVwYUFgTDoB5reYkUnF66eBHgxfaSDrguMFM_Us-ZXNMXsZWsJvQbyzV4Ruv0cuiF9dm5TF4PWRWJYGfQ3jDIbb_TtsYI5S54cX6LZZt4Y2VnlYHxa4Qo3Fn3AhhUi9e7PloWUDhtTivQjiLA6TVZr5HM1WWxN5TbmFkylZCytn2xMzhb9DPyaAulzyKl7iB9MGvmKN0GfKWH9-ic5FFzXBlXHCR4A_6oYzDLlv_ErcR7Kqr5CIwh2Nzu_jDCBbm7CjZg8elEQVU5zu0LR2p34SKByZfilLbur-BWDVohhXGunCtaH36kqaGHdzBdHyGLbrp6Tjctaag5MZRSNEjFIRy2vqeqqPvOiWxNnAbGnzNunsA0XewExRhT44Z03p_ryhEp-_rmqwqqzTyJk_Ejpgad7jCCyi3gaem0so599IDf_IP0eG6jxgnb3isgdgeMc8exD4MziyEx74t7n4SbnhRl9iIRYKvfXIPf9OE_mjGOx4yQoIqWLH3U0g1K-pTPy1MAcJoOKVadPS_FSOMwKuxYgbeFfubI5hPblykausFGdY6IsH4FaGai1_u8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=frVN9dNngGMYsPHwWWfdLBYOV9cV5pj0KkOGmiJ8UvaucWFoPJTU1MILrbWA9wyh9nRlBZuQ-JcTy5-VyFWcsU6NYPhWSsDl19I4ziSZVwYUFgTDoB5reYkUnF66eBHgxfaSDrguMFM_Us-ZXNMXsZWsJvQbyzV4Ruv0cuiF9dm5TF4PWRWJYGfQ3jDIbb_TtsYI5S54cX6LZZt4Y2VnlYHxa4Qo3Fn3AhhUi9e7PloWUDhtTivQjiLA6TVZr5HM1WWxN5TbmFkylZCytn2xMzhb9DPyaAulzyKl7iB9MGvmKN0GfKWH9-ic5FFzXBlXHCR4A_6oYzDLlv_ErcR7Kqr5CIwh2Nzu_jDCBbm7CjZg8elEQVU5zu0LR2p34SKByZfilLbur-BWDVohhXGunCtaH36kqaGHdzBdHyGLbrp6Tjctaag5MZRSNEjFIRy2vqeqqPvOiWxNnAbGnzNunsA0XewExRhT44Z03p_ryhEp-_rmqwqqzTyJk_Ejpgad7jCCyi3gaem0so599IDf_IP0eG6jxgnb3isgdgeMc8exD4MziyEx74t7n4SbnhRl9iIRYKvfXIPf9OE_mjGOx4yQoIqWLH3U0g1K-pTPy1MAcJoOKVadPS_FSOMwKuxYgbeFfubI5hPblykausFGdY6IsH4FaGai1_u8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABL; OXPCLK=AAHg4AAAAAAAAABL; ppucnt=75
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABM; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure OXPCLK=AAHg4AAAAAAAAABM; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure ppucnt=76; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=frVN9dNngGMYsPHwWWfdLBYOV9cV5pj0KkOGmiJ8UvaucWFoPJTU1MILrbWA9wyh9nRlBZuQ-JcTy5-VyFWcsU6NYPhWSsDl19I4ziSZVwYUFgTDoB5reYkUnF66eBHgxfaSDrguMFM_Us-ZXNMXsZWsJvQbyzV4Ruv0cuiF9dm5TF4PWRWJYGfQ3jDIbb_TtsYI5S54cX6LZZt4Y2VnlYHxa4Qo3Fn3AhhUi9e7PloWUDhtTivQjiLA6TVZr5HM1WWxN5TbmFkylZCytn2xMzhb9DPyaAulzyKl7iB9MGvmKN0GfKWH9-ic5FFzXBlXHCR4A_6oYzDLlv_ErcR7Kqr5CIwh2Nzu_jDCBbm7CjZg8elEQVU5zu0LR2p34SKByZfilLbur-BWDVohhXGunCtaH36kqaGHdzBdHyGLbrp6Tjctaag5MZRSNEjFIRy2vqeqqPvOiWxNnAbGnzNunsA0XewExRhT44Z03p_ryhEp-_rmqwqqzTyJk_Ejpgad7jCCyi3gaem0so599IDf_IP0eG6jxgnb3isgdgeMc8exD4MziyEx74t7n4SbnhRl9iIRYKvfXIPf9OE_mjGOx4yQoIqWLH3U0g1K-pTPy1MAcJoOKVadPS_FSOMwKuxYgbeFfubI5hPblykausFGdY6IsH4FaGai1_u8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053014fc5e11a347e897701a9fae&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
75107495fd268f87a13cac2bc0bebbc942bd0e424e5cc4cfcedd8425e68d0024

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABM; OXPCLK=AAHg4AAAAAAAAABM; ppucnt=76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABM; OXPCLK=AAHg4AAAAAAAAABM; ppucnt=76
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=rQQX_M5DybGA6KAMbHbm1wsGuyh5B-WDHDyzYcmSrgri1egeNizjn-tpk4ULLy4krqVu78LEp9DQD7f0ZPfP_nK461QoCLx1KZr3a_wUnYDPqIhe2fvdXmTLPz_glUQeXB__vCMfjIIEs8uJR5FrH8StfgcikluSxqz0LprpIrVsVbUPHUw6jDD4chHRIZaFXfrV8Q6sFXFAxotHGg1btzbH8hxRkF2HAHTmDOOiqhfbh9xHB0j0GA7XQr1YU_TI5Dj0Vi5L6JVvXA40rF29U4ABs0lSF2ZqnN1isd9hRT0neQ-OYeaOBZs0j5tUgNj1dkcekOl_FP9dGxQcUKcQ4vGuvMpNZWBNxVD0NLii9AkwRuc87C3Ty4Tl2j3DiUBX6m0GXTtnOK9FZsUkNa_4bEa_TzI0IR5RnrIxIwCKqOu92q5fTO_bgPJmx1QiAy_fp6WF_kDaCfVNU0DQqwJx11YRV-mJYoQdQSZdIz13IIMygLEfrn-lCi70O06eFG0oVt207mw1lEVQFutwKymoiDU2e_dC4fg7SgswNSu5rwric69U4_P18gnqq-KAGHUcTsuQ6v-dRXRKtZwsHwOlZtpbo0uJlGPBbI1nM584dp3--M3RnR8i5ZLfh_VfqkCUNWE0T8vDsVs0lutYnEgMbJJ5RMWcbpgh34VU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cfc3c902c5f8dd55617d52d06cc5d32ef28684a20361d2955e6ece6726e4632e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=rQQX_M5DybGA6KAMbHbm1wsGuyh5B-WDHDyzYcmSrgri1egeNizjn-tpk4ULLy4krqVu78LEp9DQD7f0ZPfP_nK461QoCLx1KZr3a_wUnYDPqIhe2fvdXmTLPz_glUQeXB__vCMfjIIEs8uJR5FrH8StfgcikluSxqz0LprpIrVsVbUPHUw6jDD4chHRIZaFXfrV8Q6sFXFAxotHGg1btzbH8hxRkF2HAHTmDOOiqhfbh9xHB0j0GA7XQr1YU_TI5Dj0Vi5L6JVvXA40rF29U4ABs0lSF2ZqnN1isd9hRT0neQ-OYeaOBZs0j5tUgNj1dkcekOl_FP9dGxQcUKcQ4vGuvMpNZWBNxVD0NLii9AkwRuc87C3Ty4Tl2j3DiUBX6m0GXTtnOK9FZsUkNa_4bEa_TzI0IR5RnrIxIwCKqOu92q5fTO_bgPJmx1QiAy_fp6WF_kDaCfVNU0DQqwJx11YRV-mJYoQdQSZdIz13IIMygLEfrn-lCi70O06eFG0oVt207mw1lEVQFutwKymoiDU2e_dC4fg7SgswNSu5rwric69U4_P18gnqq-KAGHUcTsuQ6v-dRXRKtZwsHwOlZtpbo0uJlGPBbI1nM584dp3--M3RnR8i5ZLfh_VfqkCUNWE0T8vDsVs0lutYnEgMbJJ5RMWcbpgh34VU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABM; OXPCLK=AAHg4AAAAAAAAABM; ppucnt=76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABN; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure OXPCLK=AAHg4AAAAAAAAABN; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure ppucnt=77; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=rQQX_M5DybGA6KAMbHbm1wsGuyh5B-WDHDyzYcmSrgri1egeNizjn-tpk4ULLy4krqVu78LEp9DQD7f0ZPfP_nK461QoCLx1KZr3a_wUnYDPqIhe2fvdXmTLPz_glUQeXB__vCMfjIIEs8uJR5FrH8StfgcikluSxqz0LprpIrVsVbUPHUw6jDD4chHRIZaFXfrV8Q6sFXFAxotHGg1btzbH8hxRkF2HAHTmDOOiqhfbh9xHB0j0GA7XQr1YU_TI5Dj0Vi5L6JVvXA40rF29U4ABs0lSF2ZqnN1isd9hRT0neQ-OYeaOBZs0j5tUgNj1dkcekOl_FP9dGxQcUKcQ4vGuvMpNZWBNxVD0NLii9AkwRuc87C3Ty4Tl2j3DiUBX6m0GXTtnOK9FZsUkNa_4bEa_TzI0IR5RnrIxIwCKqOu92q5fTO_bgPJmx1QiAy_fp6WF_kDaCfVNU0DQqwJx11YRV-mJYoQdQSZdIz13IIMygLEfrn-lCi70O06eFG0oVt207mw1lEVQFutwKymoiDU2e_dC4fg7SgswNSu5rwric69U4_P18gnqq-KAGHUcTsuQ6v-dRXRKtZwsHwOlZtpbo0uJlGPBbI1nM584dp3--M3RnR8i5ZLfh_VfqkCUNWE0T8vDsVs0lutYnEgMbJJ5RMWcbpgh34VU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058f4b6e5800634dbab6af634772&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
15c47f98ad07dd1f5179a0b7d9baa5136d785ed9e9e70fb38bd546610bd90f17

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABN; OXPCLK=AAHg4AAAAAAAAABN; ppucnt=77
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABN; OXPCLK=AAHg4AAAAAAAAABN; ppucnt=77
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=gomq9Dp9qVJZR1aW2FKQyuweAAVE0kBz17WM2cXZ_X6IMPtuE9BRod21X6KUq8WsMmgUzf1mIBhq5ceSGczRK6-Yq7wzpZD3wvGeZ9q_CzNYizo9wIg89ZUniEHD53seys8wsHGAus8c-gqiiIdJKntRwtLzdLBGiChhmCDD_aRWSlf-nK_iMKo_L59-vrS7ebJLzEKoPOLF1IHBMR443UWzzmSJeHQ-H1m34rPWpfeobMWEihvb2PzsXDy8E73JyEwZTqJPyJ1gIVAmgi5QMdCrNGXSGNCKDaun05NFyUa0tLnz9ETUH4ooRQkkRxu_O-YNdkzBt1gNh-EPzzc2frgZFaPyIo4mc5FdK0ghjJzZqGf3BsumLvVLplmLKVD9WyYoDEXkvJpAZy_OoZiHW3bBFDazu4Tc_idRCTTRy52uCPZa7JXf4-sMhsIaWCsnP690ujW484XQ8k0EqPZenaYPLPSAbAOjQyu5mdoNX-DNboBJKH5jcGwfvjueVmK3rxnxTCYULTECsGrQtNdXscZpkUMs4wzrrdOw0BD3tTvkTdgkSQtyq_tuqeQk3GmNtgXgdRoigdd7sfxzfIgFFuJO2nRf2GF7mWYuia3shM7Oh4TMH6AoewN9wD4W_k4_5_BYwM3sz5AB6pAqcDerUPWQKMuMN7qehMgJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fc7dfbd9faaddf6001ec46ef87c4023b901e7dfebfa413c897c0b870b3064d23

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=gomq9Dp9qVJZR1aW2FKQyuweAAVE0kBz17WM2cXZ_X6IMPtuE9BRod21X6KUq8WsMmgUzf1mIBhq5ceSGczRK6-Yq7wzpZD3wvGeZ9q_CzNYizo9wIg89ZUniEHD53seys8wsHGAus8c-gqiiIdJKntRwtLzdLBGiChhmCDD_aRWSlf-nK_iMKo_L59-vrS7ebJLzEKoPOLF1IHBMR443UWzzmSJeHQ-H1m34rPWpfeobMWEihvb2PzsXDy8E73JyEwZTqJPyJ1gIVAmgi5QMdCrNGXSGNCKDaun05NFyUa0tLnz9ETUH4ooRQkkRxu_O-YNdkzBt1gNh-EPzzc2frgZFaPyIo4mc5FdK0ghjJzZqGf3BsumLvVLplmLKVD9WyYoDEXkvJpAZy_OoZiHW3bBFDazu4Tc_idRCTTRy52uCPZa7JXf4-sMhsIaWCsnP690ujW484XQ8k0EqPZenaYPLPSAbAOjQyu5mdoNX-DNboBJKH5jcGwfvjueVmK3rxnxTCYULTECsGrQtNdXscZpkUMs4wzrrdOw0BD3tTvkTdgkSQtyq_tuqeQk3GmNtgXgdRoigdd7sfxzfIgFFuJO2nRf2GF7mWYuia3shM7Oh4TMH6AoewN9wD4W_k4_5_BYwM3sz5AB6pAqcDerUPWQKMuMN7qehMgJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABN; OXPCLK=AAHg4AAAAAAAAABN; ppucnt=77
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABO; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABO; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
ppucnt=78; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=gomq9Dp9qVJZR1aW2FKQyuweAAVE0kBz17WM2cXZ_X6IMPtuE9BRod21X6KUq8WsMmgUzf1mIBhq5ceSGczRK6-Yq7wzpZD3wvGeZ9q_CzNYizo9wIg89ZUniEHD53seys8wsHGAus8c-gqiiIdJKntRwtLzdLBGiChhmCDD_aRWSlf-nK_iMKo_L59-vrS7ebJLzEKoPOLF1IHBMR443UWzzmSJeHQ-H1m34rPWpfeobMWEihvb2PzsXDy8E73JyEwZTqJPyJ1gIVAmgi5QMdCrNGXSGNCKDaun05NFyUa0tLnz9ETUH4ooRQkkRxu_O-YNdkzBt1gNh-EPzzc2frgZFaPyIo4mc5FdK0ghjJzZqGf3BsumLvVLplmLKVD9WyYoDEXkvJpAZy_OoZiHW3bBFDazu4Tc_idRCTTRy52uCPZa7JXf4-sMhsIaWCsnP690ujW484XQ8k0EqPZenaYPLPSAbAOjQyu5mdoNX-DNboBJKH5jcGwfvjueVmK3rxnxTCYULTECsGrQtNdXscZpkUMs4wzrrdOw0BD3tTvkTdgkSQtyq_tuqeQk3GmNtgXgdRoigdd7sfxzfIgFFuJO2nRf2GF7mWYuia3shM7Oh4TMH6AoewN9wD4W_k4_5_BYwM3sz5AB6pAqcDerUPWQKMuMN7qehMgJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405923088b06b9f44578b2a8bf2a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
0
0

afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7ad1fd709bb715ac10de1ebb5744d565592c8e7f02762aeaf85d0cbf05a306a0

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABO; OXPCLK=AAHg4AAAAAAAAABO; ppucnt=78
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABO; OXPCLK=AAHg4AAAAAAAAABO; ppucnt=78
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=Z_LEuEDvwwQ7WRc6qOAc5wmtMLvPu23IO6kxQGuGfxV5TJv3OWfzOFtFSUq5LgMWaPanXnwfffiS1L2eZdaUKyP4dEE69aaHjRodZj-bqFemb4rufdgBlYr5UW9Lo5gYr7nZCdq7qAp5Zf6px_ciVXNjdhzEctvt1ufhX-E6_B3WWrojMjODqYFFgla9K5A7XMlR-OnPreswY1H-8UNxtxULThxP8K-mglm5dXkUuI0Ni6Dh0dhEQPICoV77hnblkSX7HIT4_XF_NFESZf8byVRRHgFknrzreL7DVmNarCM60E65lb4HKVdXaKag-OtaGzIlZ1R7lfU9sNeR_duExLpsjh2ODFFHb3_ju1Aid88zWZW1SfXlMR-0CKcupa-qeFNVjey3VrfVaAwBrjwtnO9msmblnhv-ukAykK09QoxchCXLDsnzahIc-pfCydGMMDiJvmam8tukSX-mFqHgDOwaHbUf8WKUqXzqJw3xKa8DoNlQ9l58Q70wmH33GPER9YoVHww7PHEI3L4WmYPR4lEGAjc9CpxdJP6pQQjCFerlBKI3vozhHTom5Dh3dihekf2fhitT2nlRswWrv-hOJapb38Xg5KKtjl4DKYig60hasS_hyrqdEJyInIPgkk4ZHwTcgM_HplxceNNSlFqe24RWXEi3n8nF_WHZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
79790b6a6c176daf15a1a222f1747dd59e5f3e39ea375cc19de3bbc42e2cb5aa

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=Z_LEuEDvwwQ7WRc6qOAc5wmtMLvPu23IO6kxQGuGfxV5TJv3OWfzOFtFSUq5LgMWaPanXnwfffiS1L2eZdaUKyP4dEE69aaHjRodZj-bqFemb4rufdgBlYr5UW9Lo5gYr7nZCdq7qAp5Zf6px_ciVXNjdhzEctvt1ufhX-E6_B3WWrojMjODqYFFgla9K5A7XMlR-OnPreswY1H-8UNxtxULThxP8K-mglm5dXkUuI0Ni6Dh0dhEQPICoV77hnblkSX7HIT4_XF_NFESZf8byVRRHgFknrzreL7DVmNarCM60E65lb4HKVdXaKag-OtaGzIlZ1R7lfU9sNeR_duExLpsjh2ODFFHb3_ju1Aid88zWZW1SfXlMR-0CKcupa-qeFNVjey3VrfVaAwBrjwtnO9msmblnhv-ukAykK09QoxchCXLDsnzahIc-pfCydGMMDiJvmam8tukSX-mFqHgDOwaHbUf8WKUqXzqJw3xKa8DoNlQ9l58Q70wmH33GPER9YoVHww7PHEI3L4WmYPR4lEGAjc9CpxdJP6pQQjCFerlBKI3vozhHTom5Dh3dihekf2fhitT2nlRswWrv-hOJapb38Xg5KKtjl4DKYig60hasS_hyrqdEJyInIPgkk4ZHwTcgM_HplxceNNSlFqe24RWXEi3n8nF_WHZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABO; OXPCLK=AAHg4AAAAAAAAABO; ppucnt=78
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABP; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABP; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
ppucnt=79; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=Z_LEuEDvwwQ7WRc6qOAc5wmtMLvPu23IO6kxQGuGfxV5TJv3OWfzOFtFSUq5LgMWaPanXnwfffiS1L2eZdaUKyP4dEE69aaHjRodZj-bqFemb4rufdgBlYr5UW9Lo5gYr7nZCdq7qAp5Zf6px_ciVXNjdhzEctvt1ufhX-E6_B3WWrojMjODqYFFgla9K5A7XMlR-OnPreswY1H-8UNxtxULThxP8K-mglm5dXkUuI0Ni6Dh0dhEQPICoV77hnblkSX7HIT4_XF_NFESZf8byVRRHgFknrzreL7DVmNarCM60E65lb4HKVdXaKag-OtaGzIlZ1R7lfU9sNeR_duExLpsjh2ODFFHb3_ju1Aid88zWZW1SfXlMR-0CKcupa-qeFNVjey3VrfVaAwBrjwtnO9msmblnhv-ukAykK09QoxchCXLDsnzahIc-pfCydGMMDiJvmam8tukSX-mFqHgDOwaHbUf8WKUqXzqJw3xKa8DoNlQ9l58Q70wmH33GPER9YoVHww7PHEI3L4WmYPR4lEGAjc9CpxdJP6pQQjCFerlBKI3vozhHTom5Dh3dihekf2fhitT2nlRswWrv-hOJapb38Xg5KKtjl4DKYig60hasS_hyrqdEJyInIPgkk4ZHwTcgM_HplxceNNSlFqe24RWXEi3n8nF_WHZ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405bcc5a41012b04087a0f9ff1d35&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6135a098d34f0c6c80d25867bb9a316caa0ddf65258ba7f684b22c9ec3afac87

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABP; OXPCLK=AAHg4AAAAAAAAABP; ppucnt=79
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABP; OXPCLK=AAHg4AAAAAAAAABP; ppucnt=79
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=EZyKCZYDtAh-I1KKaZIeiJYKKPOus-mwj12E8wehN1rdozDb7vcKGiBDsCqDkPGnFZgnfMBSaUQ0Aogq66jUH45ac3r4RzJ0OiWRCHZegJ5eNtuNr_dNPs01m9W3I9WAvunwYkuUbFaQ3_yFrvAnZFsQgfxlFit4JRh8xMNRk6iQ5ay1g8FDDtTFJQhevm5AltekJcmx7lNsvUc9mqmhAmMue7z4efdEs8bF-26vxG3eyXOL09KJYz9bYVhAuZeBvnBdkLgLlNvcZKxU4H72h5Dr1uH1RTKaYJ2lBPfw-Ora5QLj6AmPKZVouM42qg44jN7eIVLmzn4hPaymrcpOf0ZplkYoAywrtNeiuKl7IhU96Fa_3d2A2kkIoj3iEE6r6DA3zmj52pKDVo1RBXwgOwJEZp2uYamNjKdDPWymHL2QhKnHPG_v3GPyVY9DW9kyvOhkTSPEsWE4YEDIhspkfdb6HemzaXPurtF-nhdEiSAtsODxl-C73AGEqXGEjHptx3dj6zam3-ZdixPNthvA6MN6BzzHVM5YIhhK_4rEDXwr4IE35_u44YwiRNTzTDLRCt6pMG9mKayzkqWtEHmHDWl2Owmvqt-gyP9oy7wDKEpJNmc-u8Ga-uWNyh2hhcKfVM5Bg4sp1m8GXe5J2xBeRdxbrjCic5WIasy3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7b181dae4c29623c191d37bab72c66ad2685abaa4f224124f66c2c04c53da185

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=EZyKCZYDtAh-I1KKaZIeiJYKKPOus-mwj12E8wehN1rdozDb7vcKGiBDsCqDkPGnFZgnfMBSaUQ0Aogq66jUH45ac3r4RzJ0OiWRCHZegJ5eNtuNr_dNPs01m9W3I9WAvunwYkuUbFaQ3_yFrvAnZFsQgfxlFit4JRh8xMNRk6iQ5ay1g8FDDtTFJQhevm5AltekJcmx7lNsvUc9mqmhAmMue7z4efdEs8bF-26vxG3eyXOL09KJYz9bYVhAuZeBvnBdkLgLlNvcZKxU4H72h5Dr1uH1RTKaYJ2lBPfw-Ora5QLj6AmPKZVouM42qg44jN7eIVLmzn4hPaymrcpOf0ZplkYoAywrtNeiuKl7IhU96Fa_3d2A2kkIoj3iEE6r6DA3zmj52pKDVo1RBXwgOwJEZp2uYamNjKdDPWymHL2QhKnHPG_v3GPyVY9DW9kyvOhkTSPEsWE4YEDIhspkfdb6HemzaXPurtF-nhdEiSAtsODxl-C73AGEqXGEjHptx3dj6zam3-ZdixPNthvA6MN6BzzHVM5YIhhK_4rEDXwr4IE35_u44YwiRNTzTDLRCt6pMG9mKayzkqWtEHmHDWl2Owmvqt-gyP9oy7wDKEpJNmc-u8Ga-uWNyh2hhcKfVM5Bg4sp1m8GXe5J2xBeRdxbrjCic5WIasy3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABP; OXPCLK=AAHg4AAAAAAAAABP; ppucnt=79
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABQ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABQ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
ppucnt=80; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=EZyKCZYDtAh-I1KKaZIeiJYKKPOus-mwj12E8wehN1rdozDb7vcKGiBDsCqDkPGnFZgnfMBSaUQ0Aogq66jUH45ac3r4RzJ0OiWRCHZegJ5eNtuNr_dNPs01m9W3I9WAvunwYkuUbFaQ3_yFrvAnZFsQgfxlFit4JRh8xMNRk6iQ5ay1g8FDDtTFJQhevm5AltekJcmx7lNsvUc9mqmhAmMue7z4efdEs8bF-26vxG3eyXOL09KJYz9bYVhAuZeBvnBdkLgLlNvcZKxU4H72h5Dr1uH1RTKaYJ2lBPfw-Ora5QLj6AmPKZVouM42qg44jN7eIVLmzn4hPaymrcpOf0ZplkYoAywrtNeiuKl7IhU96Fa_3d2A2kkIoj3iEE6r6DA3zmj52pKDVo1RBXwgOwJEZp2uYamNjKdDPWymHL2QhKnHPG_v3GPyVY9DW9kyvOhkTSPEsWE4YEDIhspkfdb6HemzaXPurtF-nhdEiSAtsODxl-C73AGEqXGEjHptx3dj6zam3-ZdixPNthvA6MN6BzzHVM5YIhhK_4rEDXwr4IE35_u44YwiRNTzTDLRCt6pMG9mKayzkqWtEHmHDWl2Owmvqt-gyP9oy7wDKEpJNmc-u8Ga-uWNyh2hhcKfVM5Bg4sp1m8GXe5J2xBeRdxbrjCic5WIasy3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214056fafd718a77c489dbadf186eac&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8ba5a0cd15a7aa03774db9a4efc369a1b098e5a8c0460198aa1ab5837b2dbc38

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABQ; OXPCLK=AAHg4AAAAAAAAABQ; ppucnt=80

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABQ; OXPCLK=AAHg4AAAAAAAAABQ; ppucnt=80
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=MSr_kEDUDkBz--jlc0t5OIBEJMNUOvtoDWiOrTw86ntBYWwLXWXCyz7G7rWDE11ttUjnEmkG9oaelujFJtoZ6Ram9SE2mtxuoEwZQnqIpwATvRCgT9vVN4w9RIpOlkrhuk_3BZbBmbbMGZX1EmOTQtocb03I9_gLNSsTLVzNSMcm0YkR0hPQWqsCmR9rlZcaMXul3XQQ4uTBzlD1V2EmpIU4JgEcTD4ISblMQMDP65tkbdcF2GPNAOLqNaBcabJLujyVa7_j4Zmd0_HQM9BZaZsUDYG8veB6_hVtGqsaGUNXdFZIK6Ta3e1eez93XIL3ra__Cx80sD_a4Eg5yi8BpIMekUPLWQYYAtocbFvHyKYOEwGPc3EYR08G0rRmCR6RdC4o5bL0llHFxQetGkyJYTA8kMCm9rh0E1tAXOVM8LZXyyaYhg6-AgOGynsS74G5_rEJOzOe--ESvJ18qbpYm9_DcX-i3ziFaoS27721EkjzOizSbq69WBM67gfd0sdA_lNktK-dZ2xEAbQt58OzbNwCjQjsXTcaOCWZSijDa7A1g6QtAVrlHEcyHwQS2T_XDo7M6NvbX246-zZWXqG9DxRISiTD5Wi-lwrkB23pSdZERrcBH4hcjTYqa8iyEM0nF2UpqNsqETa7DPxBRC8J_Ja9EgVBjDh57IOq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5f6058b49c1802f5414a59652e36c5bfee1424c3033f808488e7c5d1b66bfd14

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=MSr_kEDUDkBz--jlc0t5OIBEJMNUOvtoDWiOrTw86ntBYWwLXWXCyz7G7rWDE11ttUjnEmkG9oaelujFJtoZ6Ram9SE2mtxuoEwZQnqIpwATvRCgT9vVN4w9RIpOlkrhuk_3BZbBmbbMGZX1EmOTQtocb03I9_gLNSsTLVzNSMcm0YkR0hPQWqsCmR9rlZcaMXul3XQQ4uTBzlD1V2EmpIU4JgEcTD4ISblMQMDP65tkbdcF2GPNAOLqNaBcabJLujyVa7_j4Zmd0_HQM9BZaZsUDYG8veB6_hVtGqsaGUNXdFZIK6Ta3e1eez93XIL3ra__Cx80sD_a4Eg5yi8BpIMekUPLWQYYAtocbFvHyKYOEwGPc3EYR08G0rRmCR6RdC4o5bL0llHFxQetGkyJYTA8kMCm9rh0E1tAXOVM8LZXyyaYhg6-AgOGynsS74G5_rEJOzOe--ESvJ18qbpYm9_DcX-i3ziFaoS27721EkjzOizSbq69WBM67gfd0sdA_lNktK-dZ2xEAbQt58OzbNwCjQjsXTcaOCWZSijDa7A1g6QtAVrlHEcyHwQS2T_XDo7M6NvbX246-zZWXqG9DxRISiTD5Wi-lwrkB23pSdZERrcBH4hcjTYqa8iyEM0nF2UpqNsqETa7DPxBRC8J_Ja9EgVBjDh57IOq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABQ; OXPCLK=AAHg4AAAAAAAAABQ; ppucnt=80

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABR; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABR; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
ppucnt=81; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=MSr_kEDUDkBz--jlc0t5OIBEJMNUOvtoDWiOrTw86ntBYWwLXWXCyz7G7rWDE11ttUjnEmkG9oaelujFJtoZ6Ram9SE2mtxuoEwZQnqIpwATvRCgT9vVN4w9RIpOlkrhuk_3BZbBmbbMGZX1EmOTQtocb03I9_gLNSsTLVzNSMcm0YkR0hPQWqsCmR9rlZcaMXul3XQQ4uTBzlD1V2EmpIU4JgEcTD4ISblMQMDP65tkbdcF2GPNAOLqNaBcabJLujyVa7_j4Zmd0_HQM9BZaZsUDYG8veB6_hVtGqsaGUNXdFZIK6Ta3e1eez93XIL3ra__Cx80sD_a4Eg5yi8BpIMekUPLWQYYAtocbFvHyKYOEwGPc3EYR08G0rRmCR6RdC4o5bL0llHFxQetGkyJYTA8kMCm9rh0E1tAXOVM8LZXyyaYhg6-AgOGynsS74G5_rEJOzOe--ESvJ18qbpYm9_DcX-i3ziFaoS27721EkjzOizSbq69WBM67gfd0sdA_lNktK-dZ2xEAbQt58OzbNwCjQjsXTcaOCWZSijDa7A1g6QtAVrlHEcyHwQS2T_XDo7M6NvbX246-zZWXqG9DxRISiTD5Wi-lwrkB23pSdZERrcBH4hcjTYqa8iyEM0nF2UpqNsqETa7DPxBRC8J_Ja9EgVBjDh57IOq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214057ad8d3dd480149c58148c6cfc1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a826c860d3eb28994f049c197169bae1481d1abca24d4a3c3a16a5b2ff094599

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABR; OXPCLK=AAHg4AAAAAAAAABR; ppucnt=81
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABR; OXPCLK=AAHg4AAAAAAAAABR; ppucnt=81
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=9dT8pItUhtG_PEGMgOpiuY3adnOEbJuU8sG5Uy9lb4UKkMbueXtpHamwExhDZPawdXsoGWHr7zFaSRME9YlkVqITd_yWXwl7G5CaWVm3kyAY1nRpv31XIWp5SfKc77H_hdCXRqiwcsgEJdaEv1rEh1zXSG3JfXBLMuZZ3kl-PYUThVwU03t0LnAhunedCuU4TCrlnjulPPOt4WpJySvxKm2X9VQXxLfZ1KbX6NmtbKGm6ZYK335WW49AINzxDi74hY4A4ble2elqUNEIcWMq_mqS7yZD5b7RrXTMLiTtpJxjFwOAB3Gzg7hrvWWmIJucrXG11IFBJMK6OUFAzZdHnovKp6_cdR7yl2IjFPR9jNXMh2A3dM8c240BcHruv3BUEd1fIoKTAbmVPelY1xrOuSrHZTv15JPATFYH6Do5cTWxZhRtAHA0spL12p0oI19ENmQ58BxF7E_a5fRRV1CA8bwbREzQYhSmU1tgILMifMZOXkJ46VbSJUuxPGYePwrDyAstVda2QwjWGQ3u5K7XWMZLbbqIcgojUcVkttxVc_Ptovk92R3XnIlYChS6CKKp217OTIijOrWenFWWqs0cnU4k9lfpT4JGQTfgtff-IfJCzwf3q0iuFZPjBmY4fkYWuCqaXGPRUsxA-R4EQzEqZ-kAfhMhb4b_-qZq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96d47134ffc7cd91be9ea280afbede14db9c3f22b7b11d75ab5df5ff3c000d7e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=9dT8pItUhtG_PEGMgOpiuY3adnOEbJuU8sG5Uy9lb4UKkMbueXtpHamwExhDZPawdXsoGWHr7zFaSRME9YlkVqITd_yWXwl7G5CaWVm3kyAY1nRpv31XIWp5SfKc77H_hdCXRqiwcsgEJdaEv1rEh1zXSG3JfXBLMuZZ3kl-PYUThVwU03t0LnAhunedCuU4TCrlnjulPPOt4WpJySvxKm2X9VQXxLfZ1KbX6NmtbKGm6ZYK335WW49AINzxDi74hY4A4ble2elqUNEIcWMq_mqS7yZD5b7RrXTMLiTtpJxjFwOAB3Gzg7hrvWWmIJucrXG11IFBJMK6OUFAzZdHnovKp6_cdR7yl2IjFPR9jNXMh2A3dM8c240BcHruv3BUEd1fIoKTAbmVPelY1xrOuSrHZTv15JPATFYH6Do5cTWxZhRtAHA0spL12p0oI19ENmQ58BxF7E_a5fRRV1CA8bwbREzQYhSmU1tgILMifMZOXkJ46VbSJUuxPGYePwrDyAstVda2QwjWGQ3u5K7XWMZLbbqIcgojUcVkttxVc_Ptovk92R3XnIlYChS6CKKp217OTIijOrWenFWWqs0cnU4k9lfpT4JGQTfgtff-IfJCzwf3q0iuFZPjBmY4fkYWuCqaXGPRUsxA-R4EQzEqZ-kAfhMhb4b_-qZq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABR; OXPCLK=AAHg4AAAAAAAAABR; ppucnt=81
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABS; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABS; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
ppucnt=82; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=5ae5af2b08526a694658838f9a8d1bdb1631480744&psp=9dT8pItUhtG_PEGMgOpiuY3adnOEbJuU8sG5Uy9lb4UKkMbueXtpHamwExhDZPawdXsoGWHr7zFaSRME9YlkVqITd_yWXwl7G5CaWVm3kyAY1nRpv31XIWp5SfKc77H_hdCXRqiwcsgEJdaEv1rEh1zXSG3JfXBLMuZZ3kl-PYUThVwU03t0LnAhunedCuU4TCrlnjulPPOt4WpJySvxKm2X9VQXxLfZ1KbX6NmtbKGm6ZYK335WW49AINzxDi74hY4A4ble2elqUNEIcWMq_mqS7yZD5b7RrXTMLiTtpJxjFwOAB3Gzg7hrvWWmIJucrXG11IFBJMK6OUFAzZdHnovKp6_cdR7yl2IjFPR9jNXMh2A3dM8c240BcHruv3BUEd1fIoKTAbmVPelY1xrOuSrHZTv15JPATFYH6Do5cTWxZhRtAHA0spL12p0oI19ENmQ58BxF7E_a5fRRV1CA8bwbREzQYhSmU1tgILMifMZOXkJ46VbSJUuxPGYePwrDyAstVda2QwjWGQ3u5K7XWMZLbbqIcgojUcVkttxVc_Ptovk92R3XnIlYChS6CKKp217OTIijOrWenFWWqs0cnU4k9lfpT4JGQTfgtff-IfJCzwf3q0iuFZPjBmY4fkYWuCqaXGPRUsxA-R4EQzEqZ-kAfhMhb4b_-qZq&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140595d3b19f66574fcaa498b85041&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e737f1604553fa836a7ec58da1caa9f4df58674be49544dbc88abc139f9d3a99

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABS; OXPCLK=AAHg4AAAAAAAAABS; ppucnt=82
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABS; OXPCLK=AAHg4AAAAAAAAABS; ppucnt=82
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=-XBcuEPaPCtv6wkvBLjhAcJ3HY4iiammqXqRVTzxmNdeW8M6IBhsMNbbiXpKUhWDZaKfCPhNLOUvmbJXZQn8ioJkbY44EqhiQ9JRJIbyd7p8gqY11B-OIfuWjFuhDBddtVnvLmeWRzjuHSdbGKIQ7zUPHvcjqD64H5Axnlg7vX5jetCuvviVGTj3vT717e1q7EfVpHbVwaNaY439IduSOW--bsiy3rHhM5ZvHNjpEugRHENtMYEEs66-fqEj7epwwj1soC3DPMUXUWkVCzbCMaRQ9fiV1MqsCEjC1bhQFOgMc17rPOGbSgbTDxJ7RLNwufHP8SYFN87Tvyn8th1t4RYfmuWljs43TfypPtWo1y6I0yrzGhdTzDNbOdBgGJAheupQAcATMDVn9YWckKKiPVUnc1OV3NkfmiwzigtfcHG9aJOHyerq4FLGPVHoERFDrX8YebcnegfYXyTjidjEOuwD7lpEAoSNXauE94xIDghBEc8palYxxm_kgl7pWul-8eh6e5d3zm6NieaEsZvwuB9eBLo2ZUAPj3-4mr0RzmhkLG3qYyQLTYAoKC8EW3IrVmsShuLrF2Lr6-1SumQ89tfHqNeaZhFsj7VrhiA_OENAMwBrubRVpltALNYPISQIFqXuZoEmpkt_RkiXKrlm0ooUa8Tcez73sZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
81d40b58e90c4be6a93c0970b4432c1ba1701fb90562f5ebde01bce09f245af4

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=-XBcuEPaPCtv6wkvBLjhAcJ3HY4iiammqXqRVTzxmNdeW8M6IBhsMNbbiXpKUhWDZaKfCPhNLOUvmbJXZQn8ioJkbY44EqhiQ9JRJIbyd7p8gqY11B-OIfuWjFuhDBddtVnvLmeWRzjuHSdbGKIQ7zUPHvcjqD64H5Axnlg7vX5jetCuvviVGTj3vT717e1q7EfVpHbVwaNaY439IduSOW--bsiy3rHhM5ZvHNjpEugRHENtMYEEs66-fqEj7epwwj1soC3DPMUXUWkVCzbCMaRQ9fiV1MqsCEjC1bhQFOgMc17rPOGbSgbTDxJ7RLNwufHP8SYFN87Tvyn8th1t4RYfmuWljs43TfypPtWo1y6I0yrzGhdTzDNbOdBgGJAheupQAcATMDVn9YWckKKiPVUnc1OV3NkfmiwzigtfcHG9aJOHyerq4FLGPVHoERFDrX8YebcnegfYXyTjidjEOuwD7lpEAoSNXauE94xIDghBEc8palYxxm_kgl7pWul-8eh6e5d3zm6NieaEsZvwuB9eBLo2ZUAPj3-4mr0RzmhkLG3qYyQLTYAoKC8EW3IrVmsShuLrF2Lr6-1SumQ89tfHqNeaZhFsj7VrhiA_OENAMwBrubRVpltALNYPISQIFqXuZoEmpkt_RkiXKrlm0ooUa8Tcez73sZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABS; OXPCLK=AAHg4AAAAAAAAABS; ppucnt=82
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABT; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABT; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
ppucnt=83; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=-XBcuEPaPCtv6wkvBLjhAcJ3HY4iiammqXqRVTzxmNdeW8M6IBhsMNbbiXpKUhWDZaKfCPhNLOUvmbJXZQn8ioJkbY44EqhiQ9JRJIbyd7p8gqY11B-OIfuWjFuhDBddtVnvLmeWRzjuHSdbGKIQ7zUPHvcjqD64H5Axnlg7vX5jetCuvviVGTj3vT717e1q7EfVpHbVwaNaY439IduSOW--bsiy3rHhM5ZvHNjpEugRHENtMYEEs66-fqEj7epwwj1soC3DPMUXUWkVCzbCMaRQ9fiV1MqsCEjC1bhQFOgMc17rPOGbSgbTDxJ7RLNwufHP8SYFN87Tvyn8th1t4RYfmuWljs43TfypPtWo1y6I0yrzGhdTzDNbOdBgGJAheupQAcATMDVn9YWckKKiPVUnc1OV3NkfmiwzigtfcHG9aJOHyerq4FLGPVHoERFDrX8YebcnegfYXyTjidjEOuwD7lpEAoSNXauE94xIDghBEc8palYxxm_kgl7pWul-8eh6e5d3zm6NieaEsZvwuB9eBLo2ZUAPj3-4mr0RzmhkLG3qYyQLTYAoKC8EW3IrVmsShuLrF2Lr6-1SumQ89tfHqNeaZhFsj7VrhiA_OENAMwBrubRVpltALNYPISQIFqXuZoEmpkt_RkiXKrlm0ooUa8Tcez73sZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da3a10585c6148e4ba945f9ce0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e1c236e7e5b6104292c5fb935c4cc0ae35ff40db9b09a832553ef3fd3aa6b60b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABT; OXPCLK=AAHg4AAAAAAAAABT; ppucnt=83
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABT; OXPCLK=AAHg4AAAAAAAAABT; ppucnt=83
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=UNrVG2TE_TvFnFj69zyf4vlD8IOf_JbZOtL1IteBUYblljxQnzXml8axbofnN7W9R4ga9lJ5JVmnrhTNHHLK8C98bkKGQeLK0qcXHt6Ozc4_MrhveIdTwiwktGVfHV_3XLTX0XM0yHFde8D_R7UxMWDD5lf1SndfTx8rK9UCnRUzbrqYkS7Lprdgv9YHIEOFr69lM8iQFvZ9Q2FJD7dtm4hl9_tlU4Z1_RlXrfWaGeKouxERcXeaJ___fertvPdihPUSy76IqvRXsRTzOkP8N5aiihEWqLGSkq6THfcyA9Ahsm-i-oypiM8iBeCnRDNCT93WRL91OxNr8vldiNmPh1pit3L89ov7d5C9RXe1ufu6k4FYJ2TvDTH6xjV692cPWPYYpo-P-5sNkc9jByYzBqW0WAK_L56DZpk0b-ogRhJbDQ-KowCenM4hHloBm7t93ZrGIfcSB_93RMBo6U0g953WqBF1cGG0bV2SV62QrDXHKJkDhoGNc4EeblHkDAyPfQn4lh7ZbEDbBau4wKL5JOo7cfKJMiyZmlPuXBKBcRa1LKr7V-tEH3BB9FifZMCXW7m5PLIlbV9BmBHZvhjwZiyF0YxjsWOAoAuJ4rvy3IP9pOqSXsawie5BZYu1j31qinEY73UmsU9I9mbvVURjemT9TxQ4yH2pc1vk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2d3b817c6796ae2786b5ee6db8653077d52d1c888ad98efdfdcb21bb83770252

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=UNrVG2TE_TvFnFj69zyf4vlD8IOf_JbZOtL1IteBUYblljxQnzXml8axbofnN7W9R4ga9lJ5JVmnrhTNHHLK8C98bkKGQeLK0qcXHt6Ozc4_MrhveIdTwiwktGVfHV_3XLTX0XM0yHFde8D_R7UxMWDD5lf1SndfTx8rK9UCnRUzbrqYkS7Lprdgv9YHIEOFr69lM8iQFvZ9Q2FJD7dtm4hl9_tlU4Z1_RlXrfWaGeKouxERcXeaJ___fertvPdihPUSy76IqvRXsRTzOkP8N5aiihEWqLGSkq6THfcyA9Ahsm-i-oypiM8iBeCnRDNCT93WRL91OxNr8vldiNmPh1pit3L89ov7d5C9RXe1ufu6k4FYJ2TvDTH6xjV692cPWPYYpo-P-5sNkc9jByYzBqW0WAK_L56DZpk0b-ogRhJbDQ-KowCenM4hHloBm7t93ZrGIfcSB_93RMBo6U0g953WqBF1cGG0bV2SV62QrDXHKJkDhoGNc4EeblHkDAyPfQn4lh7ZbEDbBau4wKL5JOo7cfKJMiyZmlPuXBKBcRa1LKr7V-tEH3BB9FifZMCXW7m5PLIlbV9BmBHZvhjwZiyF0YxjsWOAoAuJ4rvy3IP9pOqSXsawie5BZYu1j31qinEY73UmsU9I9mbvVURjemT9TxQ4yH2pc1vk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABT; OXPCLK=AAHg4AAAAAAAAABT; ppucnt=83
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABU; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABU; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
ppucnt=84; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=UNrVG2TE_TvFnFj69zyf4vlD8IOf_JbZOtL1IteBUYblljxQnzXml8axbofnN7W9R4ga9lJ5JVmnrhTNHHLK8C98bkKGQeLK0qcXHt6Ozc4_MrhveIdTwiwktGVfHV_3XLTX0XM0yHFde8D_R7UxMWDD5lf1SndfTx8rK9UCnRUzbrqYkS7Lprdgv9YHIEOFr69lM8iQFvZ9Q2FJD7dtm4hl9_tlU4Z1_RlXrfWaGeKouxERcXeaJ___fertvPdihPUSy76IqvRXsRTzOkP8N5aiihEWqLGSkq6THfcyA9Ahsm-i-oypiM8iBeCnRDNCT93WRL91OxNr8vldiNmPh1pit3L89ov7d5C9RXe1ufu6k4FYJ2TvDTH6xjV692cPWPYYpo-P-5sNkc9jByYzBqW0WAK_L56DZpk0b-ogRhJbDQ-KowCenM4hHloBm7t93ZrGIfcSB_93RMBo6U0g953WqBF1cGG0bV2SV62QrDXHKJkDhoGNc4EeblHkDAyPfQn4lh7ZbEDbBau4wKL5JOo7cfKJMiyZmlPuXBKBcRa1LKr7V-tEH3BB9FifZMCXW7m5PLIlbV9BmBHZvhjwZiyF0YxjsWOAoAuJ4rvy3IP9pOqSXsawie5BZYu1j31qinEY73UmsU9I9mbvVURjemT9TxQ4yH2pc1vk&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214053ef3a7505f494cd09ce41ec162&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ad40c7a5dd831047a86c872a34e0c04d0dbca85c83666805294319f0867ff079

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABU; OXPCLK=AAHg4AAAAAAAAABU; ppucnt=84
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABU; OXPCLK=AAHg4AAAAAAAAABU; ppucnt=84
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=_WylKkOWFgzkfcRUgZfyjUobECEFTNYtU2OhZPYqh9GphHH_pDqpqzghku0Wo49zaeT87YyRck-n-Fzu0zDmN6PGWGcXs6zp8vr2DqL-lLlAr5q6jW_TRFYGzLQToofhCtFPdDkikFJGscKJWwKTT8ompBrEN2T9vZx4IYozwxNi2wjasi3EOABc2F_rIP2OXWwSHhJ6UjRvDRqEvgwDuKPnr0Tl3BAFR4vdwzzN8wyjcPjQPFaiEuvFhHswFjXA4nuf17upzuHvPtfvZfv86JRblYWrWNbXpmE-xfi_k8756JEQhDwd2kA-0uazes1fzTbjs5fiWPtz7r5-hNOGnNCpWLUnk3zn2n05gV5jDnOdXCsbt3OEYCigf9ZiV2lJ68iIMUH0I75Z6W5DeLpoRzae2BzG5cL624duyHBjUNX71vsuCpzIedZMCbnTDQC9wVCO6lb_wx7amnJrMx-OXZI_BNyBUpft3yOXEIGAQKYdoxbLZsUTknTRbrCtpOwZQ93-OEVKE1CFbJqjT-wwy7ZduhVH2_KjbenW-OwjD48d5CgGkbYzHrLUmLaaikZCqXzWUkA1GAHif7BvwjUvpJQ1fweZpb4026hSkA8J6cJGBJ41RF-KQX1Lcr13QPffNVFdraw-Aj0adf_erd2xX2l3Q2xH8fO3rgt7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2bef6300dcee545d3314d588445a018473b1ac62e9d42e5a15f163f090de3ea3

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=_WylKkOWFgzkfcRUgZfyjUobECEFTNYtU2OhZPYqh9GphHH_pDqpqzghku0Wo49zaeT87YyRck-n-Fzu0zDmN6PGWGcXs6zp8vr2DqL-lLlAr5q6jW_TRFYGzLQToofhCtFPdDkikFJGscKJWwKTT8ompBrEN2T9vZx4IYozwxNi2wjasi3EOABc2F_rIP2OXWwSHhJ6UjRvDRqEvgwDuKPnr0Tl3BAFR4vdwzzN8wyjcPjQPFaiEuvFhHswFjXA4nuf17upzuHvPtfvZfv86JRblYWrWNbXpmE-xfi_k8756JEQhDwd2kA-0uazes1fzTbjs5fiWPtz7r5-hNOGnNCpWLUnk3zn2n05gV5jDnOdXCsbt3OEYCigf9ZiV2lJ68iIMUH0I75Z6W5DeLpoRzae2BzG5cL624duyHBjUNX71vsuCpzIedZMCbnTDQC9wVCO6lb_wx7amnJrMx-OXZI_BNyBUpft3yOXEIGAQKYdoxbLZsUTknTRbrCtpOwZQ93-OEVKE1CFbJqjT-wwy7ZduhVH2_KjbenW-OwjD48d5CgGkbYzHrLUmLaaikZCqXzWUkA1GAHif7BvwjUvpJQ1fweZpb4026hSkA8J6cJGBJ41RF-KQX1Lcr13QPffNVFdraw-Aj0adf_erd2xX2l3Q2xH8fO3rgt7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABU; OXPCLK=AAHg4AAAAAAAAABU; ppucnt=84
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABV; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABV; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
ppucnt=85; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=_WylKkOWFgzkfcRUgZfyjUobECEFTNYtU2OhZPYqh9GphHH_pDqpqzghku0Wo49zaeT87YyRck-n-Fzu0zDmN6PGWGcXs6zp8vr2DqL-lLlAr5q6jW_TRFYGzLQToofhCtFPdDkikFJGscKJWwKTT8ompBrEN2T9vZx4IYozwxNi2wjasi3EOABc2F_rIP2OXWwSHhJ6UjRvDRqEvgwDuKPnr0Tl3BAFR4vdwzzN8wyjcPjQPFaiEuvFhHswFjXA4nuf17upzuHvPtfvZfv86JRblYWrWNbXpmE-xfi_k8756JEQhDwd2kA-0uazes1fzTbjs5fiWPtz7r5-hNOGnNCpWLUnk3zn2n05gV5jDnOdXCsbt3OEYCigf9ZiV2lJ68iIMUH0I75Z6W5DeLpoRzae2BzG5cL624duyHBjUNX71vsuCpzIedZMCbnTDQC9wVCO6lb_wx7amnJrMx-OXZI_BNyBUpft3yOXEIGAQKYdoxbLZsUTknTRbrCtpOwZQ93-OEVKE1CFbJqjT-wwy7ZduhVH2_KjbenW-OwjD48d5CgGkbYzHrLUmLaaikZCqXzWUkA1GAHif7BvwjUvpJQ1fweZpb4026hSkA8J6cJGBJ41RF-KQX1Lcr13QPffNVFdraw-Aj0adf_erd2xX2l3Q2xH8fO3rgt7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f83363f1021742fa8b75cd4408&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f5321b376d8b2975902f49ae0c4ba1ba054684d26c2f74be8fb9e38fb73f47cd

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABV; OXPCLK=AAHg4AAAAAAAAABV; ppucnt=85
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABV; OXPCLK=AAHg4AAAAAAAAABV; ppucnt=85
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=EXFonJz3S3q5R9C03A2D7dyV6K-f8FKyfjqdYIEiGgyvAir7x-8gXBmxaML-FGoBb6I5KiamFPHOEg81ITq90wTmeiTDKZDKCHhyefZ6cYLTM0m4lFe55n_dOOp-lNAIJhXIXOx17TCnGN__kptkiUHSlX8opGf3xMOtJTO4ZrghWMPgClLxuVj7hHb7R0Y-UBiA6QuDj_O9tRCGrkInH24W67WeVpBvMYKqH2KQWRS1j6LSUW5AITEWPVoqmxEJt4qCVQMIm9wVeUlXeWTq5icb_QVnCftBlPA5EDIU5nz4GcfQqm6PHeTQaVzgpfeEGNvrLVxsF4I8xprXd155q-b1DzLhMoEgZ6phYVIJtWzuCf89m0MW2pTtt8RwPysHPkqyw-PA-5IFLiPEnj_8ekgj6789s28M5W-YgZOmpqp1DSb95Yq84QCBDFlb0_JwsAZ-kOdwdun9AUGRBRzWATX9nyt6PwrhD4ipfK_wWVo-wHxj8HLvkdyDZ0slLeH00I2NW0RotcjT8UgUGmfSObZgzwPD8YWFjjXzu0gI8hP9RS4aEqPh2nePq6LrhIqeuSBACFQPnqXy7LCxyTGHfWGgzLGPuTynfqED6cLcNlHKTEZHBfGw5SwfU7QiSuIHzApxLYdRHq25vPYJ_1ja6xNJksxnm0zMorz_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bff0957ae0bdefec3c5c0cb412a0afe1b1791e6b75f1745f5b84b31caaf4c94a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=EXFonJz3S3q5R9C03A2D7dyV6K-f8FKyfjqdYIEiGgyvAir7x-8gXBmxaML-FGoBb6I5KiamFPHOEg81ITq90wTmeiTDKZDKCHhyefZ6cYLTM0m4lFe55n_dOOp-lNAIJhXIXOx17TCnGN__kptkiUHSlX8opGf3xMOtJTO4ZrghWMPgClLxuVj7hHb7R0Y-UBiA6QuDj_O9tRCGrkInH24W67WeVpBvMYKqH2KQWRS1j6LSUW5AITEWPVoqmxEJt4qCVQMIm9wVeUlXeWTq5icb_QVnCftBlPA5EDIU5nz4GcfQqm6PHeTQaVzgpfeEGNvrLVxsF4I8xprXd155q-b1DzLhMoEgZ6phYVIJtWzuCf89m0MW2pTtt8RwPysHPkqyw-PA-5IFLiPEnj_8ekgj6789s28M5W-YgZOmpqp1DSb95Yq84QCBDFlb0_JwsAZ-kOdwdun9AUGRBRzWATX9nyt6PwrhD4ipfK_wWVo-wHxj8HLvkdyDZ0slLeH00I2NW0RotcjT8UgUGmfSObZgzwPD8YWFjjXzu0gI8hP9RS4aEqPh2nePq6LrhIqeuSBACFQPnqXy7LCxyTGHfWGgzLGPuTynfqED6cLcNlHKTEZHBfGw5SwfU7QiSuIHzApxLYdRHq25vPYJ_1ja6xNJksxnm0zMorz_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABV; OXPCLK=AAHg4AAAAAAAAABV; ppucnt=85
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABW; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABW; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
ppucnt=86; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:45 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=EXFonJz3S3q5R9C03A2D7dyV6K-f8FKyfjqdYIEiGgyvAir7x-8gXBmxaML-FGoBb6I5KiamFPHOEg81ITq90wTmeiTDKZDKCHhyefZ6cYLTM0m4lFe55n_dOOp-lNAIJhXIXOx17TCnGN__kptkiUHSlX8opGf3xMOtJTO4ZrghWMPgClLxuVj7hHb7R0Y-UBiA6QuDj_O9tRCGrkInH24W67WeVpBvMYKqH2KQWRS1j6LSUW5AITEWPVoqmxEJt4qCVQMIm9wVeUlXeWTq5icb_QVnCftBlPA5EDIU5nz4GcfQqm6PHeTQaVzgpfeEGNvrLVxsF4I8xprXd155q-b1DzLhMoEgZ6phYVIJtWzuCf89m0MW2pTtt8RwPysHPkqyw-PA-5IFLiPEnj_8ekgj6789s28M5W-YgZOmpqp1DSb95Yq84QCBDFlb0_JwsAZ-kOdwdun9AUGRBRzWATX9nyt6PwrhD4ipfK_wWVo-wHxj8HLvkdyDZ0slLeH00I2NW0RotcjT8UgUGmfSObZgzwPD8YWFjjXzu0gI8hP9RS4aEqPh2nePq6LrhIqeuSBACFQPnqXy7LCxyTGHfWGgzLGPuTynfqED6cLcNlHKTEZHBfGw5SwfU7QiSuIHzApxLYdRHq25vPYJ_1ja6xNJksxnm0zMorz_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140599431ca6ec2d4a19be486d1e4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:45 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
11a80aa5161662376149da6feb391af0b2bde728d3ba489fba9c5b9400d94aa9

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABW; OXPCLK=AAHg4AAAAAAAAABW; ppucnt=86
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABW; OXPCLK=AAHg4AAAAAAAAABW; ppucnt=86
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
998 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=FD5-gHF0pYBzuxuyatb-HT1i8hyE1VABlAGynEvX3jTvPgeeDRYnauTeFRbjZuvMpMaZL1qvIOpRmBJCF3bKBJGdSIhoTKK1MCMHcaMqG5m9RsKzC9EJKvBF3ASFYnqkiNekZ9ZCQ6uQPMxfoRE14gi_1euSedp4uzBhBxNjryJerxLVsDQvJIaQ0V6czALt0cM-f-gwQGe3778Bqqq51-GVLLsR9s7coGCwwqPogjDu3T3Ocvb1H8IVTTmMXJ-da9HXW9MYviXTXvnMJREH_wp2_0zDGwKtVXhg5JiOVxuaZgBm_f4_VLOhBqLixrwGdChk9lnRMwXw4mLWa4axhmSp92QLI_PtJUEOIinv4dDG37OtSudfFmxjXRFINDjaVzCyqJANZb2P3WhfWOSePXs-mTFzt7HxYh0nxxRLJ0gZX3b5K6D5O8JwPAY8pjfpgzbTZJCx_cHqok3tVolEzkC1YeeZfh8bmGJ218zjk0d0yY6eM_kShm1U_nV-_MBquLr8loxglIiIwiGgtLySY7Ydn6y-T_NtW6ZCrj1S2f1sQqmZcuBJpr60JWKGtiYkT0-LkLCHkilHRE-EbweMHvXlueBU4m1H7m5ZXYI34kfFWPFmuiBZ0CgJ4cT83_GMcD9X2Alg61bBxzz2-0dubwazGtEenKv-MDDK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7664f23c56feb81efdc4db4c735b36f2f9c3461d8ca719aae325230fee22b09a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=FD5-gHF0pYBzuxuyatb-HT1i8hyE1VABlAGynEvX3jTvPgeeDRYnauTeFRbjZuvMpMaZL1qvIOpRmBJCF3bKBJGdSIhoTKK1MCMHcaMqG5m9RsKzC9EJKvBF3ASFYnqkiNekZ9ZCQ6uQPMxfoRE14gi_1euSedp4uzBhBxNjryJerxLVsDQvJIaQ0V6czALt0cM-f-gwQGe3778Bqqq51-GVLLsR9s7coGCwwqPogjDu3T3Ocvb1H8IVTTmMXJ-da9HXW9MYviXTXvnMJREH_wp2_0zDGwKtVXhg5JiOVxuaZgBm_f4_VLOhBqLixrwGdChk9lnRMwXw4mLWa4axhmSp92QLI_PtJUEOIinv4dDG37OtSudfFmxjXRFINDjaVzCyqJANZb2P3WhfWOSePXs-mTFzt7HxYh0nxxRLJ0gZX3b5K6D5O8JwPAY8pjfpgzbTZJCx_cHqok3tVolEzkC1YeeZfh8bmGJ218zjk0d0yY6eM_kShm1U_nV-_MBquLr8loxglIiIwiGgtLySY7Ydn6y-T_NtW6ZCrj1S2f1sQqmZcuBJpr60JWKGtiYkT0-LkLCHkilHRE-EbweMHvXlueBU4m1H7m5ZXYI34kfFWPFmuiBZ0CgJ4cT83_GMcD9X2Alg61bBxzz2-0dubwazGtEenKv-MDDK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABW; OXPCLK=AAHg4AAAAAAAAABW; ppucnt=86
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABX; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABX; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=87; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=7c1ce5f1df1c1dd25f0887297d11abcb1631480745&psp=FD5-gHF0pYBzuxuyatb-HT1i8hyE1VABlAGynEvX3jTvPgeeDRYnauTeFRbjZuvMpMaZL1qvIOpRmBJCF3bKBJGdSIhoTKK1MCMHcaMqG5m9RsKzC9EJKvBF3ASFYnqkiNekZ9ZCQ6uQPMxfoRE14gi_1euSedp4uzBhBxNjryJerxLVsDQvJIaQ0V6czALt0cM-f-gwQGe3778Bqqq51-GVLLsR9s7coGCwwqPogjDu3T3Ocvb1H8IVTTmMXJ-da9HXW9MYviXTXvnMJREH_wp2_0zDGwKtVXhg5JiOVxuaZgBm_f4_VLOhBqLixrwGdChk9lnRMwXw4mLWa4axhmSp92QLI_PtJUEOIinv4dDG37OtSudfFmxjXRFINDjaVzCyqJANZb2P3WhfWOSePXs-mTFzt7HxYh0nxxRLJ0gZX3b5K6D5O8JwPAY8pjfpgzbTZJCx_cHqok3tVolEzkC1YeeZfh8bmGJ218zjk0d0yY6eM_kShm1U_nV-_MBquLr8loxglIiIwiGgtLySY7Ydn6y-T_NtW6ZCrj1S2f1sQqmZcuBJpr60JWKGtiYkT0-LkLCHkilHRE-EbweMHvXlueBU4m1H7m5ZXYI34kfFWPFmuiBZ0CgJ4cT83_GMcD9X2Alg61bBxzz2-0dubwazGtEenKv-MDDK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405417bea014fcf459ea29ac1d6d2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8e07893a9d7dbcec046742395b433d9e988e5527cfaf3d4ea158a05baf606d91

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABX; OXPCLK=AAHg4AAAAAAAAABX; ppucnt=87
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABX; OXPCLK=AAHg4AAAAAAAAABX; ppucnt=87
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=M75vBGZ1LPE_h8R3P-Kd-gCid_2q1cWy5DsHfDRo3py9n_TkGb5ELwb1pQMSFa9DpqgYyPDhcvjS83o0iQxaNROJMFqI9CVx78UW0W1HssIzAvWYuPs-SM4rM5lmtQm4VUtAlb85YWn4fqq26oyqVa1q5HrAnJSpSFh66xzDfHA06ogyH2jnA5xPJfaK5f34ojLKxGVAq_0-N9OWX8P8-C846U4S-_hbpcVI8r-v0t4HOHOEeuunarrD7x6C6XB9Q2BgLYi5TA2i0HWFpJWr2dddSEOIDe3KhcfPapLAlmP7aZ7oyPA7FxAv2qzgxLRELCODxYrB48XJBypwmV-38XJC6pd_4HCLc_m3jdP6ykRJxsjY35CcO-c4HPIV62xWpTKCRvq5sQTY8dq6CophpSiaSPoUZtZQ0d2pIzKhCIloSPx_o1pPElGbLFXMBZH8-Z8uI9VERWMgLELPjDfjpS1L2o2y2HxCqZCG6Zyg4r1W84Tv4hgy7SbOVgtr2qy32OI5f0XBUg47LTLdRL2iO97TLDjSMj-s6GkofrK8agYj3QRH27DI-SGLFIlDGBBHgULTpvH9SYGGm086qP1bZN9tBi50zu3mujmXkjBYiZvVT0KjtgDEyKikPahxMxShsCUn6SP8xeiv2yrRxONxdpvNERwzZOdoVZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
327e00dd7e4f94d05ff364560eb4909c519c7a8d2a99a3c3c128ac3f984d8429

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=M75vBGZ1LPE_h8R3P-Kd-gCid_2q1cWy5DsHfDRo3py9n_TkGb5ELwb1pQMSFa9DpqgYyPDhcvjS83o0iQxaNROJMFqI9CVx78UW0W1HssIzAvWYuPs-SM4rM5lmtQm4VUtAlb85YWn4fqq26oyqVa1q5HrAnJSpSFh66xzDfHA06ogyH2jnA5xPJfaK5f34ojLKxGVAq_0-N9OWX8P8-C846U4S-_hbpcVI8r-v0t4HOHOEeuunarrD7x6C6XB9Q2BgLYi5TA2i0HWFpJWr2dddSEOIDe3KhcfPapLAlmP7aZ7oyPA7FxAv2qzgxLRELCODxYrB48XJBypwmV-38XJC6pd_4HCLc_m3jdP6ykRJxsjY35CcO-c4HPIV62xWpTKCRvq5sQTY8dq6CophpSiaSPoUZtZQ0d2pIzKhCIloSPx_o1pPElGbLFXMBZH8-Z8uI9VERWMgLELPjDfjpS1L2o2y2HxCqZCG6Zyg4r1W84Tv4hgy7SbOVgtr2qy32OI5f0XBUg47LTLdRL2iO97TLDjSMj-s6GkofrK8agYj3QRH27DI-SGLFIlDGBBHgULTpvH9SYGGm086qP1bZN9tBi50zu3mujmXkjBYiZvVT0KjtgDEyKikPahxMxShsCUn6SP8xeiv2yrRxONxdpvNERwzZOdoVZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABX; OXPCLK=AAHg4AAAAAAAAABX; ppucnt=87
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABY; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABY; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=88; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=M75vBGZ1LPE_h8R3P-Kd-gCid_2q1cWy5DsHfDRo3py9n_TkGb5ELwb1pQMSFa9DpqgYyPDhcvjS83o0iQxaNROJMFqI9CVx78UW0W1HssIzAvWYuPs-SM4rM5lmtQm4VUtAlb85YWn4fqq26oyqVa1q5HrAnJSpSFh66xzDfHA06ogyH2jnA5xPJfaK5f34ojLKxGVAq_0-N9OWX8P8-C846U4S-_hbpcVI8r-v0t4HOHOEeuunarrD7x6C6XB9Q2BgLYi5TA2i0HWFpJWr2dddSEOIDe3KhcfPapLAlmP7aZ7oyPA7FxAv2qzgxLRELCODxYrB48XJBypwmV-38XJC6pd_4HCLc_m3jdP6ykRJxsjY35CcO-c4HPIV62xWpTKCRvq5sQTY8dq6CophpSiaSPoUZtZQ0d2pIzKhCIloSPx_o1pPElGbLFXMBZH8-Z8uI9VERWMgLELPjDfjpS1L2o2y2HxCqZCG6Zyg4r1W84Tv4hgy7SbOVgtr2qy32OI5f0XBUg47LTLdRL2iO97TLDjSMj-s6GkofrK8agYj3QRH27DI-SGLFIlDGBBHgULTpvH9SYGGm086qP1bZN9tBi50zu3mujmXkjBYiZvVT0KjtgDEyKikPahxMxShsCUn6SP8xeiv2yrRxONxdpvNERwzZOdoVZM2&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405aaec9fabfb8544c7b2362d7615&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b56daa50e6eb0fc8e78553b4727d46aa575437995cdcc0a907dfd5632fa5ffe0

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABY; OXPCLK=AAHg4AAAAAAAAABY; ppucnt=88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABY; OXPCLK=AAHg4AAAAAAAAABY; ppucnt=88
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=zzXlSRTkcbFyfq3AYr41EGGe_WAqsML6e403QYAaj0dZIjjZeNyitpxu1ZLOsCcO2amvFc4RyPCxG8LFf1ilBDBFGMA6yT90D_AqBC0SmnTWP8MHTLln-vNWkdcuVh9NBzwoo35723OsZOIt7qivOzlYxGHfgo6oFV9hBzOv2Cetju44SewpmEgVywSudxogjXIH9XsnEL3eDC7yQJU-lKBSWToAQDiJ3g7DjSwxUODvzU2BP58mWTDj-hVK1KkKgmTV1ODi83xn7wbfoOpaYUTJk_tA4A3bzxX5z6A0zGE5wI3uBeNw7ehqTsa_OznsG3iVdaTOXaH8sxOehGGsL1Swe-dVpUhfoGoBTuhXzJTzAofN8jA8Dx5Uy9ZmJLDYaQAb_XoygE3wLBo7r8caXtMatrCVcIOr6waPRjokF_GGM6N3trtEToW71fLyxPXLGNHiZCMzRkAdYJmC41UWC4WYdGyZ65KIG0uzRR-t5lM--dDVGh3cAXFPK5E7JgNcCqYA7-servZQ4QPi7GUNMsgMcg_N7V31RwPIGdRmJ3DyuPsi9n66PVRj70LySE6Ylz2x9g7WW25AX2XeM7H2QOg4K-4lSi856E5Nyt-k0y1ahgI8l0aX6Rth12F0NsUOm1Z6s4dPWfJN1vtpVs3PvivIHVIpjTCtjW1g&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7e8f45af3a5ac51c32b3e7a1afea9028510d94343047c64f8b928b307019b321

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=zzXlSRTkcbFyfq3AYr41EGGe_WAqsML6e403QYAaj0dZIjjZeNyitpxu1ZLOsCcO2amvFc4RyPCxG8LFf1ilBDBFGMA6yT90D_AqBC0SmnTWP8MHTLln-vNWkdcuVh9NBzwoo35723OsZOIt7qivOzlYxGHfgo6oFV9hBzOv2Cetju44SewpmEgVywSudxogjXIH9XsnEL3eDC7yQJU-lKBSWToAQDiJ3g7DjSwxUODvzU2BP58mWTDj-hVK1KkKgmTV1ODi83xn7wbfoOpaYUTJk_tA4A3bzxX5z6A0zGE5wI3uBeNw7ehqTsa_OznsG3iVdaTOXaH8sxOehGGsL1Swe-dVpUhfoGoBTuhXzJTzAofN8jA8Dx5Uy9ZmJLDYaQAb_XoygE3wLBo7r8caXtMatrCVcIOr6waPRjokF_GGM6N3trtEToW71fLyxPXLGNHiZCMzRkAdYJmC41UWC4WYdGyZ65KIG0uzRR-t5lM--dDVGh3cAXFPK5E7JgNcCqYA7-servZQ4QPi7GUNMsgMcg_N7V31RwPIGdRmJ3DyuPsi9n66PVRj70LySE6Ylz2x9g7WW25AX2XeM7H2QOg4K-4lSi856E5Nyt-k0y1ahgI8l0aX6Rth12F0NsUOm1Z6s4dPWfJN1vtpVs3PvivIHVIpjTCtjW1g&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABY; OXPCLK=AAHg4AAAAAAAAABY; ppucnt=88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABZ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABZ; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=89; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=zzXlSRTkcbFyfq3AYr41EGGe_WAqsML6e403QYAaj0dZIjjZeNyitpxu1ZLOsCcO2amvFc4RyPCxG8LFf1ilBDBFGMA6yT90D_AqBC0SmnTWP8MHTLln-vNWkdcuVh9NBzwoo35723OsZOIt7qivOzlYxGHfgo6oFV9hBzOv2Cetju44SewpmEgVywSudxogjXIH9XsnEL3eDC7yQJU-lKBSWToAQDiJ3g7DjSwxUODvzU2BP58mWTDj-hVK1KkKgmTV1ODi83xn7wbfoOpaYUTJk_tA4A3bzxX5z6A0zGE5wI3uBeNw7ehqTsa_OznsG3iVdaTOXaH8sxOehGGsL1Swe-dVpUhfoGoBTuhXzJTzAofN8jA8Dx5Uy9ZmJLDYaQAb_XoygE3wLBo7r8caXtMatrCVcIOr6waPRjokF_GGM6N3trtEToW71fLyxPXLGNHiZCMzRkAdYJmC41UWC4WYdGyZ65KIG0uzRR-t5lM--dDVGh3cAXFPK5E7JgNcCqYA7-servZQ4QPi7GUNMsgMcg_N7V31RwPIGdRmJ3DyuPsi9n66PVRj70LySE6Ylz2x9g7WW25AX2XeM7H2QOg4K-4lSi856E5Nyt-k0y1ahgI8l0aX6Rth12F0NsUOm1Z6s4dPWfJN1vtpVs3PvivIHVIpjTCtjW1g&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c857787beee14b4eadc8cce1c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
20066b6e96fd0abe3dedc2eb83c3985d08dac630bba9b68acf64dc863a276dff

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABZ; OXPCLK=AAHg4AAAAAAAAABZ; ppucnt=89
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABZ; OXPCLK=AAHg4AAAAAAAAABZ; ppucnt=89
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=Z7iGrs--gYFwjv-KVqFRum5ZV8y_M06fQFIDk0WM_hFDvBxwJYcKd3V2nSQv4eWTzoMcnkXFOb9NQjdqVQ1kDdzSSqlXI14ovOvaJHSUinxcWTM9zlhAJ91Pcl8qzqNAEn3Q_dFY-1o8ncvldALhclF8Fp4Uvv5DBFKbdQke0ysICrsqeMzYe_sZkIuTi6KaklPa9Q5kLtEXAeWHyuKM_eZr2NrPhB9hdyihNMnHNWoGFgdmBGVICtHFpg-IK1X57n5zN4ilU9LODazdlWaN6aSjMq-IkwfwyeHKqvlYvSVa1OxVaX1NHpf8laDI2xSxGdBYZXld9khEuiDnZ8hPaDlg9FK6B4mge2tpOPPtMLuyDwLxh2JEBQ7z8aFKtaT-aLp3JVXCCkydePIGOGgR28yxMveVziuQ-6QfBRn8CUAImB3B7NoTWbSZwPTgsDiT_3fJDNErgEA3xc0Qvk6noC0tDf2mWvRiggWwcmMPEctV1PhuHYJ4bf96ZCu4AAl7n_XDY1G7mxkzRbGHEdBlSR9BYLl4JW_dd8DYth-95I1mIe7B8hU_mNtS6iqdfU-qOlBdBRwLxEFp6Hwljf5Ly5tgO7Y4SZLPvXwCAA4VEhnJ4rx57cPGSr43qM0TYc_rN_-mNDUKC6KDIrX7L7hqF47AAVzMG6RlZT2p&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3a6f1034198abe58da6845678a83c047640669ed5d2a022864d5ef070a6319d9

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=Z7iGrs--gYFwjv-KVqFRum5ZV8y_M06fQFIDk0WM_hFDvBxwJYcKd3V2nSQv4eWTzoMcnkXFOb9NQjdqVQ1kDdzSSqlXI14ovOvaJHSUinxcWTM9zlhAJ91Pcl8qzqNAEn3Q_dFY-1o8ncvldALhclF8Fp4Uvv5DBFKbdQke0ysICrsqeMzYe_sZkIuTi6KaklPa9Q5kLtEXAeWHyuKM_eZr2NrPhB9hdyihNMnHNWoGFgdmBGVICtHFpg-IK1X57n5zN4ilU9LODazdlWaN6aSjMq-IkwfwyeHKqvlYvSVa1OxVaX1NHpf8laDI2xSxGdBYZXld9khEuiDnZ8hPaDlg9FK6B4mge2tpOPPtMLuyDwLxh2JEBQ7z8aFKtaT-aLp3JVXCCkydePIGOGgR28yxMveVziuQ-6QfBRn8CUAImB3B7NoTWbSZwPTgsDiT_3fJDNErgEA3xc0Qvk6noC0tDf2mWvRiggWwcmMPEctV1PhuHYJ4bf96ZCu4AAl7n_XDY1G7mxkzRbGHEdBlSR9BYLl4JW_dd8DYth-95I1mIe7B8hU_mNtS6iqdfU-qOlBdBRwLxEFp6Hwljf5Ly5tgO7Y4SZLPvXwCAA4VEhnJ4rx57cPGSr43qM0TYc_rN_-mNDUKC6KDIrX7L7hqF47AAVzMG6RlZT2p&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABZ; OXPCLK=AAHg4AAAAAAAAABZ; ppucnt=89

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABa; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABa; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=90; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=Z7iGrs--gYFwjv-KVqFRum5ZV8y_M06fQFIDk0WM_hFDvBxwJYcKd3V2nSQv4eWTzoMcnkXFOb9NQjdqVQ1kDdzSSqlXI14ovOvaJHSUinxcWTM9zlhAJ91Pcl8qzqNAEn3Q_dFY-1o8ncvldALhclF8Fp4Uvv5DBFKbdQke0ysICrsqeMzYe_sZkIuTi6KaklPa9Q5kLtEXAeWHyuKM_eZr2NrPhB9hdyihNMnHNWoGFgdmBGVICtHFpg-IK1X57n5zN4ilU9LODazdlWaN6aSjMq-IkwfwyeHKqvlYvSVa1OxVaX1NHpf8laDI2xSxGdBYZXld9khEuiDnZ8hPaDlg9FK6B4mge2tpOPPtMLuyDwLxh2JEBQ7z8aFKtaT-aLp3JVXCCkydePIGOGgR28yxMveVziuQ-6QfBRn8CUAImB3B7NoTWbSZwPTgsDiT_3fJDNErgEA3xc0Qvk6noC0tDf2mWvRiggWwcmMPEctV1PhuHYJ4bf96ZCu4AAl7n_XDY1G7mxkzRbGHEdBlSR9BYLl4JW_dd8DYth-95I1mIe7B8hU_mNtS6iqdfU-qOlBdBRwLxEFp6Hwljf5Ly5tgO7Y4SZLPvXwCAA4VEhnJ4rx57cPGSr43qM0TYc_rN_-mNDUKC6KDIrX7L7hqF47AAVzMG6RlZT2p&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405d25e132cf6e94b37a3068a0a4e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b4b35487ff355b19df14ecd929adf8b322946b23a12d17d51eb48ec23d9098ef

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABa; OXPCLK=AAHg4AAAAAAAAABa; ppucnt=90

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABa; OXPCLK=AAHg4AAAAAAAAABa; ppucnt=90
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=vRid7X8PIAD3jjxFPDbZGbUKTE__yN1b7HfVrzKi-ngCSG7Z6wetN7lJv6akNjg3H9OIBmioeg5XMZqfCMg_YtWW1VfNh2cWSQ_xdooTX2V5yEUYxdGLzWzZZa0AP4sH5rfUQvTftTveA4cv5T7jztVaMnmyaP-kBR51j0eweSpdc2h5dnE5Dr42hjVcB3NGRGXdeMGTjIWPh96saFZv1wwp4XYbbJj6ka4zKqf0PEZRuPIpJK404Vb0CKlSlFNbd8Epm_Nu9RJHrN_DCGcL7D7DKPt0StKvJOsoXs5sLbmNI0NjJT2uDz73B6hZ_bOk3cvTPkCoJAyquHEYQyARwuaSigtYezb_xnFanP2IwVSGzfl9i6k9rbj6HkoJktpqpViH-8pRoRDzcTbX4A_7mRWnqo1XvI889-CEiGL49xQziNz65AqbTTPkdb_Q33CONnS7up7rDQAMkQEFzUPKoMUZ_Z4ru1zh-L3iGoiYhf1YoE-05gbB28GQji5TT6CJtJ5INgN1kZHnw8kWcwNepZ3X4RmLW3cGktAIJQws2j-VNPTYt0_TtFbc3LvvjXWu4e3SM5ZfsHmmgL0DA-dlJsdGJOLB-tR0zMiYAj2l-wEWYv5Du1r_h8gunY1atOEExhD39Oi6EKha93tOki-UfTYgiwJ-fj6Lz8im&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
969df7402406bf665a8f7417a1b4e1884523002b748f4ef696837a49310ba4c1

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=vRid7X8PIAD3jjxFPDbZGbUKTE__yN1b7HfVrzKi-ngCSG7Z6wetN7lJv6akNjg3H9OIBmioeg5XMZqfCMg_YtWW1VfNh2cWSQ_xdooTX2V5yEUYxdGLzWzZZa0AP4sH5rfUQvTftTveA4cv5T7jztVaMnmyaP-kBR51j0eweSpdc2h5dnE5Dr42hjVcB3NGRGXdeMGTjIWPh96saFZv1wwp4XYbbJj6ka4zKqf0PEZRuPIpJK404Vb0CKlSlFNbd8Epm_Nu9RJHrN_DCGcL7D7DKPt0StKvJOsoXs5sLbmNI0NjJT2uDz73B6hZ_bOk3cvTPkCoJAyquHEYQyARwuaSigtYezb_xnFanP2IwVSGzfl9i6k9rbj6HkoJktpqpViH-8pRoRDzcTbX4A_7mRWnqo1XvI889-CEiGL49xQziNz65AqbTTPkdb_Q33CONnS7up7rDQAMkQEFzUPKoMUZ_Z4ru1zh-L3iGoiYhf1YoE-05gbB28GQji5TT6CJtJ5INgN1kZHnw8kWcwNepZ3X4RmLW3cGktAIJQws2j-VNPTYt0_TtFbc3LvvjXWu4e3SM5ZfsHmmgL0DA-dlJsdGJOLB-tR0zMiYAj2l-wEWYv5Du1r_h8gunY1atOEExhD39Oi6EKha93tOki-UfTYgiwJ-fj6Lz8im&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABa; OXPCLK=AAHg4AAAAAAAAABa; ppucnt=90

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABb; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABb; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=91; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=vRid7X8PIAD3jjxFPDbZGbUKTE__yN1b7HfVrzKi-ngCSG7Z6wetN7lJv6akNjg3H9OIBmioeg5XMZqfCMg_YtWW1VfNh2cWSQ_xdooTX2V5yEUYxdGLzWzZZa0AP4sH5rfUQvTftTveA4cv5T7jztVaMnmyaP-kBR51j0eweSpdc2h5dnE5Dr42hjVcB3NGRGXdeMGTjIWPh96saFZv1wwp4XYbbJj6ka4zKqf0PEZRuPIpJK404Vb0CKlSlFNbd8Epm_Nu9RJHrN_DCGcL7D7DKPt0StKvJOsoXs5sLbmNI0NjJT2uDz73B6hZ_bOk3cvTPkCoJAyquHEYQyARwuaSigtYezb_xnFanP2IwVSGzfl9i6k9rbj6HkoJktpqpViH-8pRoRDzcTbX4A_7mRWnqo1XvI889-CEiGL49xQziNz65AqbTTPkdb_Q33CONnS7up7rDQAMkQEFzUPKoMUZ_Z4ru1zh-L3iGoiYhf1YoE-05gbB28GQji5TT6CJtJ5INgN1kZHnw8kWcwNepZ3X4RmLW3cGktAIJQws2j-VNPTYt0_TtFbc3LvvjXWu4e3SM5ZfsHmmgL0DA-dlJsdGJOLB-tR0zMiYAj2l-wEWYv5Du1r_h8gunY1atOEExhD39Oi6EKha93tOki-UfTYgiwJ-fj6Lz8im&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405cdf1337ea1e14fa48903740b17&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ad8037bd127f0cbbad6cd9b4dd9a9ef3a041c2b70a1769d7e44820a10b8feb33

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABb; OXPCLK=AAHg4AAAAAAAAABb; ppucnt=91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABb; OXPCLK=AAHg4AAAAAAAAABb; ppucnt=91
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=SF7OzZomLtHYR4UNQUTqBIv6c-BDqSoyIhKyP4SARuW3p2bqub5p_00ke65kgqCyk4UiN-hzeVYnwj7E7GUJDxWVFt189Rv0EfN-ZQ_hNdZUZ38ZnBjIUprRMAfG27EQlS6M2JuTrUQJKR9T7x1XZjz1KdbhegMpmKfZTa1UC1tFhL-XprYNQwv7NO9RlzwMBYoKvJlxHHcf5yfHaboURV42HPS-bM7o8y-nzzQ8zJRszx65t5rvkQKdFlznMjYm5QTnfjkd9YAoFKYNbYwDqUDI49vV_LpNGOVtYISF4qUs4YjOcmEU_ucEyjNq7_lP-dvTjEc8DrPQK381CGQPnzMusRpsx9GP4N7PYdjZ7kitf42jDl0hxK4NvTtfV8UNNaT099Ys7IicMIpt6qyg8d_Etp3rg5yTw9dM-IDat07GbhVUVvXRMsLbtdrtBfnkGe76ToWQNYOx1cdKGdQDhfHxdf21yU5mb72B5aNXnQmtM46zaMxLcuj4ISz_kWArWLNw4O_umwwsZWrUqWC2-Dbb7wUiymnU66O8I81MkkGrF8p3At19YzxKzGanafWw43xA71pzpqSLR-ccvzYa2aaJXlA33jFM2Vb4-8h0rBOV3S46OWliVUHA-9Qm8vxDb9jsvMoc2kT1vyEaaZgZ4D8Fxxwwb63v4O3Y&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7323995362d5417e4b699a55a4b87196fe654ef7582a80c52e7f3dea6a2cf174

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=SF7OzZomLtHYR4UNQUTqBIv6c-BDqSoyIhKyP4SARuW3p2bqub5p_00ke65kgqCyk4UiN-hzeVYnwj7E7GUJDxWVFt189Rv0EfN-ZQ_hNdZUZ38ZnBjIUprRMAfG27EQlS6M2JuTrUQJKR9T7x1XZjz1KdbhegMpmKfZTa1UC1tFhL-XprYNQwv7NO9RlzwMBYoKvJlxHHcf5yfHaboURV42HPS-bM7o8y-nzzQ8zJRszx65t5rvkQKdFlznMjYm5QTnfjkd9YAoFKYNbYwDqUDI49vV_LpNGOVtYISF4qUs4YjOcmEU_ucEyjNq7_lP-dvTjEc8DrPQK381CGQPnzMusRpsx9GP4N7PYdjZ7kitf42jDl0hxK4NvTtfV8UNNaT099Ys7IicMIpt6qyg8d_Etp3rg5yTw9dM-IDat07GbhVUVvXRMsLbtdrtBfnkGe76ToWQNYOx1cdKGdQDhfHxdf21yU5mb72B5aNXnQmtM46zaMxLcuj4ISz_kWArWLNw4O_umwwsZWrUqWC2-Dbb7wUiymnU66O8I81MkkGrF8p3At19YzxKzGanafWw43xA71pzpqSLR-ccvzYa2aaJXlA33jFM2Vb4-8h0rBOV3S46OWliVUHA-9Qm8vxDb9jsvMoc2kT1vyEaaZgZ4D8Fxxwwb63v4O3Y&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABb; OXPCLK=AAHg4AAAAAAAAABb; ppucnt=91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABc; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABc; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=92; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=SF7OzZomLtHYR4UNQUTqBIv6c-BDqSoyIhKyP4SARuW3p2bqub5p_00ke65kgqCyk4UiN-hzeVYnwj7E7GUJDxWVFt189Rv0EfN-ZQ_hNdZUZ38ZnBjIUprRMAfG27EQlS6M2JuTrUQJKR9T7x1XZjz1KdbhegMpmKfZTa1UC1tFhL-XprYNQwv7NO9RlzwMBYoKvJlxHHcf5yfHaboURV42HPS-bM7o8y-nzzQ8zJRszx65t5rvkQKdFlznMjYm5QTnfjkd9YAoFKYNbYwDqUDI49vV_LpNGOVtYISF4qUs4YjOcmEU_ucEyjNq7_lP-dvTjEc8DrPQK381CGQPnzMusRpsx9GP4N7PYdjZ7kitf42jDl0hxK4NvTtfV8UNNaT099Ys7IicMIpt6qyg8d_Etp3rg5yTw9dM-IDat07GbhVUVvXRMsLbtdrtBfnkGe76ToWQNYOx1cdKGdQDhfHxdf21yU5mb72B5aNXnQmtM46zaMxLcuj4ISz_kWArWLNw4O_umwwsZWrUqWC2-Dbb7wUiymnU66O8I81MkkGrF8p3At19YzxKzGanafWw43xA71pzpqSLR-ccvzYa2aaJXlA33jFM2Vb4-8h0rBOV3S46OWliVUHA-9Qm8vxDb9jsvMoc2kT1vyEaaZgZ4D8Fxxwwb63v4O3Y&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050e59f563ca284944a5c51137c1&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6600496bebe254075a90fe53465fac6f9bc2ae6b10d0aabbb4439edda19c354f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABc; OXPCLK=AAHg4AAAAAAAAABc; ppucnt=92
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABc; OXPCLK=AAHg4AAAAAAAAABc; ppucnt=92
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=we7Bc4NQIVsZ67_Kg7RWnd5vtDswOtjNNFx4Ba_x0oV0svuvLbvFVCBO5-2JiXzKovPP8qjO44LxcCzYY6baqWXXIZ2KTSp9FoQcViNcKMboFlcdot3ggGlBcD_rzzkgXvQLFVTQKVooN0lDCJHQt9_KOJXEFwiXJKMea0eTv-yBkTICDGnEN7tUral5-iXSTMoF677DE3LcggMkQhbmigQxxO3afJpeMeFvGhz9rct_yv8lR7idMcvetH6iYx7soOBUb67IgRqFhEOEbSaSFoICVwfgJnM8C8WcOnPPqzuGYlyW-_tqdIFICaN8IGaiI5qobV3KmAnykwV9Ybmcdsh7UCB9Pf0pm3CXxVZ3Mf9acKJ45PgiWpiLYl3TPjyehlyhTd5AOY9P-GXxGbpYhb1dLLw_t6D_CEkNWZ2fD5mm7_zv3Nu3YnrT5ZEF-O9zZraJtfSOFsEZH8ucipGLNBypqNTKzn8e5w8EbhZ8JayuzNhNj69Q27xEqp3r74g9T615qn5haEqEFVnWIG3UrQ3pa28tRPaz0vefa8QliG-vSfjPB8qI7zHbasNp88F3cI9vfwm3cqKOIglTZL-QYJ9ZP94Z-BR0rQ64cLtxqdsxX7EsNMZsvDQsA2Q7MWk-7fywYSaY4X4f7DU0U7tP4ETcyDwMk3vZOoUb&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
99f02103b7377301e2b1d610c385d184d17d69d2b8f70b3f4df86331edf3b288

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=we7Bc4NQIVsZ67_Kg7RWnd5vtDswOtjNNFx4Ba_x0oV0svuvLbvFVCBO5-2JiXzKovPP8qjO44LxcCzYY6baqWXXIZ2KTSp9FoQcViNcKMboFlcdot3ggGlBcD_rzzkgXvQLFVTQKVooN0lDCJHQt9_KOJXEFwiXJKMea0eTv-yBkTICDGnEN7tUral5-iXSTMoF677DE3LcggMkQhbmigQxxO3afJpeMeFvGhz9rct_yv8lR7idMcvetH6iYx7soOBUb67IgRqFhEOEbSaSFoICVwfgJnM8C8WcOnPPqzuGYlyW-_tqdIFICaN8IGaiI5qobV3KmAnykwV9Ybmcdsh7UCB9Pf0pm3CXxVZ3Mf9acKJ45PgiWpiLYl3TPjyehlyhTd5AOY9P-GXxGbpYhb1dLLw_t6D_CEkNWZ2fD5mm7_zv3Nu3YnrT5ZEF-O9zZraJtfSOFsEZH8ucipGLNBypqNTKzn8e5w8EbhZ8JayuzNhNj69Q27xEqp3r74g9T615qn5haEqEFVnWIG3UrQ3pa28tRPaz0vefa8QliG-vSfjPB8qI7zHbasNp88F3cI9vfwm3cqKOIglTZL-QYJ9ZP94Z-BR0rQ64cLtxqdsxX7EsNMZsvDQsA2Q7MWk-7fywYSaY4X4f7DU0U7tP4ETcyDwMk3vZOoUb&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABc; OXPCLK=AAHg4AAAAAAAAABc; ppucnt=92
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABd; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABd; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=93; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=we7Bc4NQIVsZ67_Kg7RWnd5vtDswOtjNNFx4Ba_x0oV0svuvLbvFVCBO5-2JiXzKovPP8qjO44LxcCzYY6baqWXXIZ2KTSp9FoQcViNcKMboFlcdot3ggGlBcD_rzzkgXvQLFVTQKVooN0lDCJHQt9_KOJXEFwiXJKMea0eTv-yBkTICDGnEN7tUral5-iXSTMoF677DE3LcggMkQhbmigQxxO3afJpeMeFvGhz9rct_yv8lR7idMcvetH6iYx7soOBUb67IgRqFhEOEbSaSFoICVwfgJnM8C8WcOnPPqzuGYlyW-_tqdIFICaN8IGaiI5qobV3KmAnykwV9Ybmcdsh7UCB9Pf0pm3CXxVZ3Mf9acKJ45PgiWpiLYl3TPjyehlyhTd5AOY9P-GXxGbpYhb1dLLw_t6D_CEkNWZ2fD5mm7_zv3Nu3YnrT5ZEF-O9zZraJtfSOFsEZH8ucipGLNBypqNTKzn8e5w8EbhZ8JayuzNhNj69Q27xEqp3r74g9T615qn5haEqEFVnWIG3UrQ3pa28tRPaz0vefa8QliG-vSfjPB8qI7zHbasNp88F3cI9vfwm3cqKOIglTZL-QYJ9ZP94Z-BR0rQ64cLtxqdsxX7EsNMZsvDQsA2Q7MWk-7fywYSaY4X4f7DU0U7tP4ETcyDwMk3vZOoUb&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f6a216b1027546738793a21a4f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d71eec180f555114cda32989f1a42528bb639e3d781a18a7f62a478d70d5c591

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABd; OXPCLK=AAHg4AAAAAAAAABd; ppucnt=93
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABd; OXPCLK=AAHg4AAAAAAAAABd; ppucnt=93
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=4nEToFgghg7rvwIzPggX3OeUdjyKwmlzRPRH61OHe2XkYYxYirTMA3l-PPlcJ0TEohmKB5e8UPVZXXCwXHqYikeKQB3QuvpBXG75gjKDPMT1ybWC_ZGG_nOIGX3FYDds-SGs7n5kG1dGw_iUNjzj1HWHEzpRH0ipVkRbs7O5R7tKn7j-WMZqRD6m_rghVZuKlEUr97Jf_QD179OCL3tNJHbFof35xzUB3xOkvc6Zvfi5ysn2Y7YfeP50YkEz3oHbr9J6eTiHlRC23S01edpPpmIEFpnTnAmtyMOsq9t6ioVprc2mJW8Vv6MrCISGIJRGVKOgbjvooM_1FkDGAf5LgFGQzV5niHjUG2lu9N96wX4MbVw4nIcLnmqpDG0UgNA5FYRFYpESeXIpHQKB5_dBgbIYiapYYSAo2UQDbcCVlhBLGn8Amni0vZbz2854Ze_GDkAchoUfManQr9DPu5fg2r1oXyJCt97_K9hIOThWzkeYDjFtNwg3JW-OzXPdVmkYT6gCcYBRFbaAhSC6nj3JJ2Yk1QBmsPe3ayxpE0Lbn8IzhN-d0hu_EVut82LnZnAohpxmNpMG9GVm4h5CY2r_yi-PcydnjrdBx5gsutwoLMK0GpMYY4H5i9UxcMOLMaVEZRs10joV9R7uNei9By2SA1EO81AFoBggbPvE&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
051156d76abf9b7d28f39d5cfd81352de1cb460b6703fe94b8cdcd413af78506

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=4nEToFgghg7rvwIzPggX3OeUdjyKwmlzRPRH61OHe2XkYYxYirTMA3l-PPlcJ0TEohmKB5e8UPVZXXCwXHqYikeKQB3QuvpBXG75gjKDPMT1ybWC_ZGG_nOIGX3FYDds-SGs7n5kG1dGw_iUNjzj1HWHEzpRH0ipVkRbs7O5R7tKn7j-WMZqRD6m_rghVZuKlEUr97Jf_QD179OCL3tNJHbFof35xzUB3xOkvc6Zvfi5ysn2Y7YfeP50YkEz3oHbr9J6eTiHlRC23S01edpPpmIEFpnTnAmtyMOsq9t6ioVprc2mJW8Vv6MrCISGIJRGVKOgbjvooM_1FkDGAf5LgFGQzV5niHjUG2lu9N96wX4MbVw4nIcLnmqpDG0UgNA5FYRFYpESeXIpHQKB5_dBgbIYiapYYSAo2UQDbcCVlhBLGn8Amni0vZbz2854Ze_GDkAchoUfManQr9DPu5fg2r1oXyJCt97_K9hIOThWzkeYDjFtNwg3JW-OzXPdVmkYT6gCcYBRFbaAhSC6nj3JJ2Yk1QBmsPe3ayxpE0Lbn8IzhN-d0hu_EVut82LnZnAohpxmNpMG9GVm4h5CY2r_yi-PcydnjrdBx5gsutwoLMK0GpMYY4H5i9UxcMOLMaVEZRs10joV9R7uNei9By2SA1EO81AFoBggbPvE&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABd; OXPCLK=AAHg4AAAAAAAAABd; ppucnt=93
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABe; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABe; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
ppucnt=94; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:46 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=95153d4f3dba598ccd49005a7dbf72b31631480746&psp=4nEToFgghg7rvwIzPggX3OeUdjyKwmlzRPRH61OHe2XkYYxYirTMA3l-PPlcJ0TEohmKB5e8UPVZXXCwXHqYikeKQB3QuvpBXG75gjKDPMT1ybWC_ZGG_nOIGX3FYDds-SGs7n5kG1dGw_iUNjzj1HWHEzpRH0ipVkRbs7O5R7tKn7j-WMZqRD6m_rghVZuKlEUr97Jf_QD179OCL3tNJHbFof35xzUB3xOkvc6Zvfi5ysn2Y7YfeP50YkEz3oHbr9J6eTiHlRC23S01edpPpmIEFpnTnAmtyMOsq9t6ioVprc2mJW8Vv6MrCISGIJRGVKOgbjvooM_1FkDGAf5LgFGQzV5niHjUG2lu9N96wX4MbVw4nIcLnmqpDG0UgNA5FYRFYpESeXIpHQKB5_dBgbIYiapYYSAo2UQDbcCVlhBLGn8Amni0vZbz2854Ze_GDkAchoUfManQr9DPu5fg2r1oXyJCt97_K9hIOThWzkeYDjFtNwg3JW-OzXPdVmkYT6gCcYBRFbaAhSC6nj3JJ2Yk1QBmsPe3ayxpE0Lbn8IzhN-d0hu_EVut82LnZnAohpxmNpMG9GVm4h5CY2r_yi-PcydnjrdBx5gsutwoLMK0GpMYY4H5i9UxcMOLMaVEZRs10joV9R7uNei9By2SA1EO81AFoBggbPvE&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f39406adaf854772886a315ca7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
883f2c3992c4258737e3acd36310f25d73e3081efe6db97907652be8efa00e72

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABe; OXPCLK=AAHg4AAAAAAAAABe; ppucnt=94
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABe; OXPCLK=AAHg4AAAAAAAAABe; ppucnt=94
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=mD-4ePwRdEizLM26or2TDRfTZhQtcxxKWYkM-os1CAVE5LVtg5fZwZ9n7wz2F1RtcJkjfDAo4M4L-bp7QYNbg1Frwn2Mu13ZNcm05xosyoHUrzJraYUQJRQlo4r5E3Ab2JN2YwN8-WAmCG3xl9QZCKYDypfd_7co_lLAvL_ZL80-UJQUCFBdS5Rc9aNBCE6YFNQYT_DhRJdTRRni_lknc8cWmLYD5W11p2pcN4UuLhPKCVuQXf8h2myxT3BotRWAAMgAiHMt8eGiSBaxc0UBLiMToFhuPy809spnG4lrOadNaUuiWlIH87lrDyheACh5HlSAo1NVqV6xvCgZaq0PuoCrDiiOCNfeDfEe4dFKbPMBwCPxflOUu1MukK5VR5CmbmRa37tn-xLX6mwDhrAUhBiXD9VsZIsi7BO4fkiTbX0-GGzXN_k4ryj5lm2rHUeAok4BAT3RScOZV-G87jhOsDDh3RmitAqLegG9GVb-PPgnLi_nD6fY9X-9G6AnMgAjGPXAnHSr1SVZytjcaSaIhXA4F-1Xyglx3W13fb22wOb2xmLsvOuLh3LPzw6nua3Ginmp5OhAkdqk9YJL3Kks7MC7tRUALlrsoDb6ev3wgj4QqbXPEYyJCBFKQQvAeoeCFBNKtzilPP4P8m9a72Xc-fXE5Ku87DndHwXP&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
51e87f10557e7160910adf4c74b206602f2b46166e166d754320ea5c911f0c43

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=mD-4ePwRdEizLM26or2TDRfTZhQtcxxKWYkM-os1CAVE5LVtg5fZwZ9n7wz2F1RtcJkjfDAo4M4L-bp7QYNbg1Frwn2Mu13ZNcm05xosyoHUrzJraYUQJRQlo4r5E3Ab2JN2YwN8-WAmCG3xl9QZCKYDypfd_7co_lLAvL_ZL80-UJQUCFBdS5Rc9aNBCE6YFNQYT_DhRJdTRRni_lknc8cWmLYD5W11p2pcN4UuLhPKCVuQXf8h2myxT3BotRWAAMgAiHMt8eGiSBaxc0UBLiMToFhuPy809spnG4lrOadNaUuiWlIH87lrDyheACh5HlSAo1NVqV6xvCgZaq0PuoCrDiiOCNfeDfEe4dFKbPMBwCPxflOUu1MukK5VR5CmbmRa37tn-xLX6mwDhrAUhBiXD9VsZIsi7BO4fkiTbX0-GGzXN_k4ryj5lm2rHUeAok4BAT3RScOZV-G87jhOsDDh3RmitAqLegG9GVb-PPgnLi_nD6fY9X-9G6AnMgAjGPXAnHSr1SVZytjcaSaIhXA4F-1Xyglx3W13fb22wOb2xmLsvOuLh3LPzw6nua3Ginmp5OhAkdqk9YJL3Kks7MC7tRUALlrsoDb6ev3wgj4QqbXPEYyJCBFKQQvAeoeCFBNKtzilPP4P8m9a72Xc-fXE5Ku87DndHwXP&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABe; OXPCLK=AAHg4AAAAAAAAABe; ppucnt=94
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABf; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABf; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=95; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=mD-4ePwRdEizLM26or2TDRfTZhQtcxxKWYkM-os1CAVE5LVtg5fZwZ9n7wz2F1RtcJkjfDAo4M4L-bp7QYNbg1Frwn2Mu13ZNcm05xosyoHUrzJraYUQJRQlo4r5E3Ab2JN2YwN8-WAmCG3xl9QZCKYDypfd_7co_lLAvL_ZL80-UJQUCFBdS5Rc9aNBCE6YFNQYT_DhRJdTRRni_lknc8cWmLYD5W11p2pcN4UuLhPKCVuQXf8h2myxT3BotRWAAMgAiHMt8eGiSBaxc0UBLiMToFhuPy809spnG4lrOadNaUuiWlIH87lrDyheACh5HlSAo1NVqV6xvCgZaq0PuoCrDiiOCNfeDfEe4dFKbPMBwCPxflOUu1MukK5VR5CmbmRa37tn-xLX6mwDhrAUhBiXD9VsZIsi7BO4fkiTbX0-GGzXN_k4ryj5lm2rHUeAok4BAT3RScOZV-G87jhOsDDh3RmitAqLegG9GVb-PPgnLi_nD6fY9X-9G6AnMgAjGPXAnHSr1SVZytjcaSaIhXA4F-1Xyglx3W13fb22wOb2xmLsvOuLh3LPzw6nua3Ginmp5OhAkdqk9YJL3Kks7MC7tRUALlrsoDb6ev3wgj4QqbXPEYyJCBFKQQvAeoeCFBNKtzilPP4P8m9a72Xc-fXE5Ku87DndHwXP&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140519245834f9db4eb7bf3b390490&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ca6966b5c9358c762a33006011a837dba565d62636149f1d815f0888f91b6411

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABf; OXPCLK=AAHg4AAAAAAAAABf; ppucnt=95

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABf; OXPCLK=AAHg4AAAAAAAAABf; ppucnt=95
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=m3GZU-i4byS6xqgLhMaX0j2BUpLfAPhGZND9ot_-y_vFU6E5dvcRq5zyEsZUjLIV3VSrIbBZpdAUl3CH7u5VgvrZ0lhHPCAJmUTSMwlhDDYGZOycQ6OgUkg0iUhvl9Q7Y7o0iAWIbaXUSjxiMAj5gv0xi5rlPwdx2FVF3GRQCV51ccAbyP6Z1EzCILWMbA21kiTPAzW6jQE9-ZM6glRy4ZCfaaD-QlB03mEiX-KcFPF1k6JKYDID-JhrQBSSIdpDcFaE3Kmo0m4sCPpjUZGbJIIx_yc1dS7PeBKnW3Q5hE463rh45_LDH4f6aHfYPrPss42kFzvjc_SDYtEzbO7LRErO0ZIKBxsdZszKBNjeptkCVs4iMSdsh0T_ooJOo53K2hwr1T1MM_qb4S7my6yE26b5LIqRMtW55bpVabIX5glmMCHZC1XGv133uGwyxDQW5ZzlqDiRMSAvZ4j0x-RDGpbIcHSAnZdyjsyxkLSh0THMic-2rYddNN9uwQ6YaKotAMcBCmnIyraKo2HrAQnAdhVDM_PqyoSCPRANkNQupAM56V5sOjb1JiLGvP3Csd07uGqNx9hEeKVAPFvYK992Dgz0EClDmlgL5BvmGsQRcssA92ShzLMp_0a7G8ebARSwawilQMk_8XAcxgsAgJvJ-lhzxoIf6EMsM6xr&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e01c954a6529bbef247d8c6d678f0638740202fd2728da78bebb3aa6b584e1a6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=m3GZU-i4byS6xqgLhMaX0j2BUpLfAPhGZND9ot_-y_vFU6E5dvcRq5zyEsZUjLIV3VSrIbBZpdAUl3CH7u5VgvrZ0lhHPCAJmUTSMwlhDDYGZOycQ6OgUkg0iUhvl9Q7Y7o0iAWIbaXUSjxiMAj5gv0xi5rlPwdx2FVF3GRQCV51ccAbyP6Z1EzCILWMbA21kiTPAzW6jQE9-ZM6glRy4ZCfaaD-QlB03mEiX-KcFPF1k6JKYDID-JhrQBSSIdpDcFaE3Kmo0m4sCPpjUZGbJIIx_yc1dS7PeBKnW3Q5hE463rh45_LDH4f6aHfYPrPss42kFzvjc_SDYtEzbO7LRErO0ZIKBxsdZszKBNjeptkCVs4iMSdsh0T_ooJOo53K2hwr1T1MM_qb4S7my6yE26b5LIqRMtW55bpVabIX5glmMCHZC1XGv133uGwyxDQW5ZzlqDiRMSAvZ4j0x-RDGpbIcHSAnZdyjsyxkLSh0THMic-2rYddNN9uwQ6YaKotAMcBCmnIyraKo2HrAQnAdhVDM_PqyoSCPRANkNQupAM56V5sOjb1JiLGvP3Csd07uGqNx9hEeKVAPFvYK992Dgz0EClDmlgL5BvmGsQRcssA92ShzLMp_0a7G8ebARSwawilQMk_8XAcxgsAgJvJ-lhzxoIf6EMsM6xr&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABf; OXPCLK=AAHg4AAAAAAAAABf; ppucnt=95

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABg; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABg; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=96; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=m3GZU-i4byS6xqgLhMaX0j2BUpLfAPhGZND9ot_-y_vFU6E5dvcRq5zyEsZUjLIV3VSrIbBZpdAUl3CH7u5VgvrZ0lhHPCAJmUTSMwlhDDYGZOycQ6OgUkg0iUhvl9Q7Y7o0iAWIbaXUSjxiMAj5gv0xi5rlPwdx2FVF3GRQCV51ccAbyP6Z1EzCILWMbA21kiTPAzW6jQE9-ZM6glRy4ZCfaaD-QlB03mEiX-KcFPF1k6JKYDID-JhrQBSSIdpDcFaE3Kmo0m4sCPpjUZGbJIIx_yc1dS7PeBKnW3Q5hE463rh45_LDH4f6aHfYPrPss42kFzvjc_SDYtEzbO7LRErO0ZIKBxsdZszKBNjeptkCVs4iMSdsh0T_ooJOo53K2hwr1T1MM_qb4S7my6yE26b5LIqRMtW55bpVabIX5glmMCHZC1XGv133uGwyxDQW5ZzlqDiRMSAvZ4j0x-RDGpbIcHSAnZdyjsyxkLSh0THMic-2rYddNN9uwQ6YaKotAMcBCmnIyraKo2HrAQnAdhVDM_PqyoSCPRANkNQupAM56V5sOjb1JiLGvP3Csd07uGqNx9hEeKVAPFvYK992Dgz0EClDmlgL5BvmGsQRcssA92ShzLMp_0a7G8ebARSwawilQMk_8XAcxgsAgJvJ-lhzxoIf6EMsM6xr&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405a7a8e73389ee4a6b8fc87d6890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
48396d525d5fecaa9b89894d4db213924aec13076460b1976d927fa5992a2bc0

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABg; OXPCLK=AAHg4AAAAAAAAABg; ppucnt=96

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABg; OXPCLK=AAHg4AAAAAAAAABg; ppucnt=96
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=k8qdmN24gA1X_93zNE1jW8qc5fWomdTYhir3M-VCZg1bxL59OqoC6LlDaZB6KxjNm2ITqZGyohUTmot1yD-EQflyYR7hiP5DJ_jdEggv0YEdzly32H-U5VSlUQeyyXWxgbIvBg0kZFEs5j8sipnmqu5JMDuXX3T3Mufacp8TmfTsFbhCQ32_IKaxe1JIiiWgyLnU_AzoLM2001Jy1yOLoAz62IFre1jn4xRRO0mrevxzxFJfkT3RkFy2gCmfpAVfd-asb08kUqFYR9QGmiGNqhQ-jKItatCR8rncvMIpQ3B3Alzn1btFrG7ilzROR97qbkX4lCWI_o2e9XUYQS6KcJKXGcsrsS_ce_FgXKn9LcDCXZO9DpPgddKO6rj941-3PmPZSVkchJqk8XfzMHHrDWuldhfOoZGMHp-7hPKVRwDBM0l6WBWUBSm-CAh76yBs5Ulw8uMQfCoXPhPQp_eLdY6WB--cm-AE64OChvjO6sEHQxpuIg-XS84HR7DYEB0wswdBt3c0ULa7y-Hft4fhGyPtC49PM6qeGdQ04w-qWPuTJpHY9dhR07nH72ybxXXfr5eGxgviMDBYseWmym69VMo3Z2Aru6MuO5RfnH1qfylpXxz_6hKftlV73EBLMSCz3VY2znvpsJMzMWdiT1RHwozmXLSq1qHTJJ9-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=k8qdmN24gA1X_93zNE1jW8qc5fWomdTYhir3M-VCZg1bxL59OqoC6LlDaZB6KxjNm2ITqZGyohUTmot1yD-EQflyYR7hiP5DJ_jdEggv0YEdzly32H-U5VSlUQeyyXWxgbIvBg0kZFEs5j8sipnmqu5JMDuXX3T3Mufacp8TmfTsFbhCQ32_IKaxe1JIiiWgyLnU_AzoLM2001Jy1yOLoAz62IFre1jn4xRRO0mrevxzxFJfkT3RkFy2gCmfpAVfd-asb08kUqFYR9QGmiGNqhQ-jKItatCR8rncvMIpQ3B3Alzn1btFrG7ilzROR97qbkX4lCWI_o2e9XUYQS6KcJKXGcsrsS_ce_FgXKn9LcDCXZO9DpPgddKO6rj941-3PmPZSVkchJqk8XfzMHHrDWuldhfOoZGMHp-7hPKVRwDBM0l6WBWUBSm-CAh76yBs5Ulw8uMQfCoXPhPQp_eLdY6WB--cm-AE64OChvjO6sEHQxpuIg-XS84HR7DYEB0wswdBt3c0ULa7y-Hft4fhGyPtC49PM6qeGdQ04w-qWPuTJpHY9dhR07nH72ybxXXfr5eGxgviMDBYseWmym69VMo3Z2Aru6MuO5RfnH1qfylpXxz_6hKftlV73EBLMSCz3VY2znvpsJMzMWdiT1RHwozmXLSq1qHTJJ9-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABg; OXPCLK=AAHg4AAAAAAAAABg; ppucnt=96

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABh; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABh; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=97; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=k8qdmN24gA1X_93zNE1jW8qc5fWomdTYhir3M-VCZg1bxL59OqoC6LlDaZB6KxjNm2ITqZGyohUTmot1yD-EQflyYR7hiP5DJ_jdEggv0YEdzly32H-U5VSlUQeyyXWxgbIvBg0kZFEs5j8sipnmqu5JMDuXX3T3Mufacp8TmfTsFbhCQ32_IKaxe1JIiiWgyLnU_AzoLM2001Jy1yOLoAz62IFre1jn4xRRO0mrevxzxFJfkT3RkFy2gCmfpAVfd-asb08kUqFYR9QGmiGNqhQ-jKItatCR8rncvMIpQ3B3Alzn1btFrG7ilzROR97qbkX4lCWI_o2e9XUYQS6KcJKXGcsrsS_ce_FgXKn9LcDCXZO9DpPgddKO6rj941-3PmPZSVkchJqk8XfzMHHrDWuldhfOoZGMHp-7hPKVRwDBM0l6WBWUBSm-CAh76yBs5Ulw8uMQfCoXPhPQp_eLdY6WB--cm-AE64OChvjO6sEHQxpuIg-XS84HR7DYEB0wswdBt3c0ULa7y-Hft4fhGyPtC49PM6qeGdQ04w-qWPuTJpHY9dhR07nH72ybxXXfr5eGxgviMDBYseWmym69VMo3Z2Aru6MuO5RfnH1qfylpXxz_6hKftlV73EBLMSCz3VY2znvpsJMzMWdiT1RHwozmXLSq1qHTJJ9-&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405f0c473e025d34344b92ee79889&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f665710f0327ecd4c33f804fdfe61033bfdca3608be3e1e43f2d0ee13902824b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABh; OXPCLK=AAHg4AAAAAAAAABh; ppucnt=97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABh; OXPCLK=AAHg4AAAAAAAAABh; ppucnt=97
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=6PFG18tssW4LFmhy3ArfiMWKM2cEfSmkSypzY5KC8WfsCoVp5ozazu6v631CVf96fRnFL2bk7D7SbVQoD6Nr69MluQf0BB_NNWrMU9kUhwzG5Dv0yaiDyvYbv4Gm1GM1iZ-cJNAf4_h7f1G7pNCZFQF93LdGBmgctY94H0PzrkCFy669wlOu-HOTHYmgb9hE8-zQHUCLrS5hjinbl8-AR-LtX2dDC0CCM_s_GcAvhhUH9JKm_lhPKALLj6LyACh0GCjVwVujQuLz159o2pO9XqFXAcrNyrK5AsNurghvEukqvOKpKpI5g-llkn3dOWWpiQW53ZqgdLeegEe6gcQlUAwYBmb9yGzchBQq8mBfSufW25uovdj0FIFCH2R2yf5OGlq7EMXDBTpg86fn9bKgFBzMav1yA_rhlkQBVfhqDX9Jx8yyNFwfvxBL1CwDoQg8-TCa-A397BLGrX085Pfpwz_TE9t2ks3xOej2Uzscw3IsMopNvfa3RQLp_K5TKqDuqwza1JpT7sR7YF2I2DyyIs6clvlkMGPb282Sd_lV0kzSFR1MFthH8lM1iG9wM6NHfjgrmcRdDWRBUiONYKPMm7d-Musnko5XVH29whfdcbfRTNpoiRa8L9fvR9vAiLb3VdAdzMZ064fyGLFHcdnNzx6McSXQRXLEbHSR&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ea483d1098480a5a56ab2f71f158dc77e33817b6a76e2ebdad650af0078c074f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=6PFG18tssW4LFmhy3ArfiMWKM2cEfSmkSypzY5KC8WfsCoVp5ozazu6v631CVf96fRnFL2bk7D7SbVQoD6Nr69MluQf0BB_NNWrMU9kUhwzG5Dv0yaiDyvYbv4Gm1GM1iZ-cJNAf4_h7f1G7pNCZFQF93LdGBmgctY94H0PzrkCFy669wlOu-HOTHYmgb9hE8-zQHUCLrS5hjinbl8-AR-LtX2dDC0CCM_s_GcAvhhUH9JKm_lhPKALLj6LyACh0GCjVwVujQuLz159o2pO9XqFXAcrNyrK5AsNurghvEukqvOKpKpI5g-llkn3dOWWpiQW53ZqgdLeegEe6gcQlUAwYBmb9yGzchBQq8mBfSufW25uovdj0FIFCH2R2yf5OGlq7EMXDBTpg86fn9bKgFBzMav1yA_rhlkQBVfhqDX9Jx8yyNFwfvxBL1CwDoQg8-TCa-A397BLGrX085Pfpwz_TE9t2ks3xOej2Uzscw3IsMopNvfa3RQLp_K5TKqDuqwza1JpT7sR7YF2I2DyyIs6clvlkMGPb282Sd_lV0kzSFR1MFthH8lM1iG9wM6NHfjgrmcRdDWRBUiONYKPMm7d-Musnko5XVH29whfdcbfRTNpoiRa8L9fvR9vAiLb3VdAdzMZ064fyGLFHcdnNzx6McSXQRXLEbHSR&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABh; OXPCLK=AAHg4AAAAAAAAABh; ppucnt=97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABi; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABi; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=98; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=6PFG18tssW4LFmhy3ArfiMWKM2cEfSmkSypzY5KC8WfsCoVp5ozazu6v631CVf96fRnFL2bk7D7SbVQoD6Nr69MluQf0BB_NNWrMU9kUhwzG5Dv0yaiDyvYbv4Gm1GM1iZ-cJNAf4_h7f1G7pNCZFQF93LdGBmgctY94H0PzrkCFy669wlOu-HOTHYmgb9hE8-zQHUCLrS5hjinbl8-AR-LtX2dDC0CCM_s_GcAvhhUH9JKm_lhPKALLj6LyACh0GCjVwVujQuLz159o2pO9XqFXAcrNyrK5AsNurghvEukqvOKpKpI5g-llkn3dOWWpiQW53ZqgdLeegEe6gcQlUAwYBmb9yGzchBQq8mBfSufW25uovdj0FIFCH2R2yf5OGlq7EMXDBTpg86fn9bKgFBzMav1yA_rhlkQBVfhqDX9Jx8yyNFwfvxBL1CwDoQg8-TCa-A397BLGrX085Pfpwz_TE9t2ks3xOej2Uzscw3IsMopNvfa3RQLp_K5TKqDuqwza1JpT7sR7YF2I2DyyIs6clvlkMGPb282Sd_lV0kzSFR1MFthH8lM1iG9wM6NHfjgrmcRdDWRBUiONYKPMm7d-Musnko5XVH29whfdcbfRTNpoiRa8L9fvR9vAiLb3VdAdzMZ064fyGLFHcdnNzx6McSXQRXLEbHSR&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ba35e61451de49ba9a2934ed39&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
62c1c0b01f56bd048befc689fd6e539bae931e40b978055273fbad6973408023

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABi; OXPCLK=AAHg4AAAAAAAAABi; ppucnt=98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABi; OXPCLK=AAHg4AAAAAAAAABi; ppucnt=98
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=vCPj4T-2EXml3ilrGqQOGIA4-m2njf_KL3J7sQx-lTjXrqEXP8GbXxaUinhQDigtI9lH9vvxShDqMkQBTeyf6VUHLwuPA8wBW5dPGB245R01XfICgxOqb8JLUPX7qM0LKuvWuIJoOneG3ArvycVZnnAab5BCDqCWT2tntL5_5EQo0bR8_UtGeLppJbSndBR7RFRp3S4TlVjNysiIs7pKk0Jua5luF2y3PlWMwkdwsHHsC7V1eIGE5Q0etjO5oLKjA2voDOcbmqO0iESteqhI-8-Dmi67tO5TCeWsW5DyiYzJzECCAXv4-cE9FdbMSsaKJfjL8Mut6lU4GRRMaViEQgb6um7pA_tZPJpTfzdc5MRLEyXK7KlmYlug1g2x7lxqAwud5zmgSjdBBiXKxNhGk9jGPMoemaGhVBr7746YNSQntLgAmpdrv46bF3qag56PnxSLNMvaFbDN_fFFLlZS59aTfoFCWpMChyYAuVbR61n8Muve03Rd1Modhs74YqHAb7E9c9lKMmInKcaMP51kbIdcLaQ416WGNk2bUAf6HjK_PHtZJMk53kH9uZHOSq5Uwfyi6d5z7eNvozMeWHBm-Hk5cjEd_rAp_HSiFJFpljIPtoumEe0f_HFmdxKYaR8P5pjNiedvfC7oYrWflGEjWLmQIXYt62aaDAH7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f74c2b47d9033c8f45ceb41d41eadb8c8c58b13198dc01e44579a71a1af01deb

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=vCPj4T-2EXml3ilrGqQOGIA4-m2njf_KL3J7sQx-lTjXrqEXP8GbXxaUinhQDigtI9lH9vvxShDqMkQBTeyf6VUHLwuPA8wBW5dPGB245R01XfICgxOqb8JLUPX7qM0LKuvWuIJoOneG3ArvycVZnnAab5BCDqCWT2tntL5_5EQo0bR8_UtGeLppJbSndBR7RFRp3S4TlVjNysiIs7pKk0Jua5luF2y3PlWMwkdwsHHsC7V1eIGE5Q0etjO5oLKjA2voDOcbmqO0iESteqhI-8-Dmi67tO5TCeWsW5DyiYzJzECCAXv4-cE9FdbMSsaKJfjL8Mut6lU4GRRMaViEQgb6um7pA_tZPJpTfzdc5MRLEyXK7KlmYlug1g2x7lxqAwud5zmgSjdBBiXKxNhGk9jGPMoemaGhVBr7746YNSQntLgAmpdrv46bF3qag56PnxSLNMvaFbDN_fFFLlZS59aTfoFCWpMChyYAuVbR61n8Muve03Rd1Modhs74YqHAb7E9c9lKMmInKcaMP51kbIdcLaQ416WGNk2bUAf6HjK_PHtZJMk53kH9uZHOSq5Uwfyi6d5z7eNvozMeWHBm-Hk5cjEd_rAp_HSiFJFpljIPtoumEe0f_HFmdxKYaR8P5pjNiedvfC7oYrWflGEjWLmQIXYt62aaDAH7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABi; OXPCLK=AAHg4AAAAAAAAABi; ppucnt=98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABj; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABj; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=99; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=vCPj4T-2EXml3ilrGqQOGIA4-m2njf_KL3J7sQx-lTjXrqEXP8GbXxaUinhQDigtI9lH9vvxShDqMkQBTeyf6VUHLwuPA8wBW5dPGB245R01XfICgxOqb8JLUPX7qM0LKuvWuIJoOneG3ArvycVZnnAab5BCDqCWT2tntL5_5EQo0bR8_UtGeLppJbSndBR7RFRp3S4TlVjNysiIs7pKk0Jua5luF2y3PlWMwkdwsHHsC7V1eIGE5Q0etjO5oLKjA2voDOcbmqO0iESteqhI-8-Dmi67tO5TCeWsW5DyiYzJzECCAXv4-cE9FdbMSsaKJfjL8Mut6lU4GRRMaViEQgb6um7pA_tZPJpTfzdc5MRLEyXK7KlmYlug1g2x7lxqAwud5zmgSjdBBiXKxNhGk9jGPMoemaGhVBr7746YNSQntLgAmpdrv46bF3qag56PnxSLNMvaFbDN_fFFLlZS59aTfoFCWpMChyYAuVbR61n8Muve03Rd1Modhs74YqHAb7E9c9lKMmInKcaMP51kbIdcLaQ416WGNk2bUAf6HjK_PHtZJMk53kH9uZHOSq5Uwfyi6d5z7eNvozMeWHBm-Hk5cjEd_rAp_HSiFJFpljIPtoumEe0f_HFmdxKYaR8P5pjNiedvfC7oYrWflGEjWLmQIXYt62aaDAH7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140520be20b29b9a4e339fb96c08f9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
081a28b634d960184047a272ea73a8195d21c698f57085805698541249728c1e

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABj; OXPCLK=AAHg4AAAAAAAAABj; ppucnt=99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABj; OXPCLK=AAHg4AAAAAAAAABj; ppucnt=99
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=GVttcNtnxW2JonhC738_6IThdjHYbjvjQtuLalQ9odjHHx4m-O3B-bxwKx3Foj1DBlTWvLWS_TmxQTLQx3mJu5KflOVsc04P2-XjuKRHACgf8M05AT9a6pBm4MDCPIQVo5K07WMdx6i-UtYkSo8YI1dx90GzkWjkmxBwotDoVrPehWyurJWMA9L8tS0JVQOMcjDO1LDTPGniGc7MApiunoWMLCzDSavMmUULqadF1j16FyHkw5mp5VOFaOF3ZhcvlM3Qb92HAqaf-S5hhJdE--SQcDT4txZ30NAuHV1bMis9EUNYPzPtzyLy7T-U2kWBTI2i4VFSyWrlZx2nufrvvvzxbmNp5AUnbz1vVY8eJSSX_VA7zrUSonJp1Dv7tFXRobRws-XvYcEVeBMZn2NBfUnSn0c8LZ9spNaAjz8aMUShILyOtLd63lwwH8hytEvF-2RG7CQv4v0Xz39QQEY9IrK017RZheQCihrycgroCvrYCqWXlTFm5DhhGZSJyzJX8WE33xM7xFeTNmF1xr601rlAZupVImSHEMfk97euw8EfNGO2bXihH6GbaoQZoboBxgfADPkEmoN5HNENsiooz34JJEVIxJeWuJ31iT-mWMJHwTjhsl10xQlCej7uiEYnT4nKSytxGs0YD5QbCq033Gfio1daabCGHz5W&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
73794aa603007dd132bcba0e59e1e0bd74a7ce0c4304cdbcdf541fe0a82b4376

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=GVttcNtnxW2JonhC738_6IThdjHYbjvjQtuLalQ9odjHHx4m-O3B-bxwKx3Foj1DBlTWvLWS_TmxQTLQx3mJu5KflOVsc04P2-XjuKRHACgf8M05AT9a6pBm4MDCPIQVo5K07WMdx6i-UtYkSo8YI1dx90GzkWjkmxBwotDoVrPehWyurJWMA9L8tS0JVQOMcjDO1LDTPGniGc7MApiunoWMLCzDSavMmUULqadF1j16FyHkw5mp5VOFaOF3ZhcvlM3Qb92HAqaf-S5hhJdE--SQcDT4txZ30NAuHV1bMis9EUNYPzPtzyLy7T-U2kWBTI2i4VFSyWrlZx2nufrvvvzxbmNp5AUnbz1vVY8eJSSX_VA7zrUSonJp1Dv7tFXRobRws-XvYcEVeBMZn2NBfUnSn0c8LZ9spNaAjz8aMUShILyOtLd63lwwH8hytEvF-2RG7CQv4v0Xz39QQEY9IrK017RZheQCihrycgroCvrYCqWXlTFm5DhhGZSJyzJX8WE33xM7xFeTNmF1xr601rlAZupVImSHEMfk97euw8EfNGO2bXihH6GbaoQZoboBxgfADPkEmoN5HNENsiooz34JJEVIxJeWuJ31iT-mWMJHwTjhsl10xQlCej7uiEYnT4nKSytxGs0YD5QbCq033Gfio1daabCGHz5W&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABj; OXPCLK=AAHg4AAAAAAAAABj; ppucnt=99

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABk; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABk; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=100; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=GVttcNtnxW2JonhC738_6IThdjHYbjvjQtuLalQ9odjHHx4m-O3B-bxwKx3Foj1DBlTWvLWS_TmxQTLQx3mJu5KflOVsc04P2-XjuKRHACgf8M05AT9a6pBm4MDCPIQVo5K07WMdx6i-UtYkSo8YI1dx90GzkWjkmxBwotDoVrPehWyurJWMA9L8tS0JVQOMcjDO1LDTPGniGc7MApiunoWMLCzDSavMmUULqadF1j16FyHkw5mp5VOFaOF3ZhcvlM3Qb92HAqaf-S5hhJdE--SQcDT4txZ30NAuHV1bMis9EUNYPzPtzyLy7T-U2kWBTI2i4VFSyWrlZx2nufrvvvzxbmNp5AUnbz1vVY8eJSSX_VA7zrUSonJp1Dv7tFXRobRws-XvYcEVeBMZn2NBfUnSn0c8LZ9spNaAjz8aMUShILyOtLd63lwwH8hytEvF-2RG7CQv4v0Xz39QQEY9IrK017RZheQCihrycgroCvrYCqWXlTFm5DhhGZSJyzJX8WE33xM7xFeTNmF1xr601rlAZupVImSHEMfk97euw8EfNGO2bXihH6GbaoQZoboBxgfADPkEmoN5HNENsiooz34JJEVIxJeWuJ31iT-mWMJHwTjhsl10xQlCej7uiEYnT4nKSytxGs0YD5QbCq033Gfio1daabCGHz5W&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405977b3e68c74a4121919f31ca6c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4d7ed3f595d88ebc02106cd3b99472659d127561e15d9c9120d8aa9968e119ae

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABk; OXPCLK=AAHg4AAAAAAAAABk; ppucnt=100

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABk; OXPCLK=AAHg4AAAAAAAAABk; ppucnt=100
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=AytNXjk4lgNzLAQnKZxUxIx7zq2XqFyh324MeDGhSpC7MjtT4P6DK38U1neIxaF3sN34zKkhrJJAOfEHnZyZAFUClO2T1l9bpHfi6Tl0qHrKQwbgS4XZgm-ww1wnz_oCEk2Wj5ZzrQr3ULZjSFLFUVe-UTnCSwBKUNVj0NArdpqi91H-TSXazG-B1ENycvS_KbFv9V_B6uX-W5JrKhQRPJGtLZAok9dwrTy9y-Ds1VsBurokM5WfoWv00DZUE_zIT4LhwQvb8rNrqORlQ_nS-sVLSbSiSJwlK2wmOUGxwaRJX0XqVNraCl_jkY9JyFrYAmbVyAwe-c4G5EhRe_yP1h2PYhpWNsIjnh1Wne72hqwZM3CH64xiPi3cIvd-QRp0_5tXrCAsxYyyDDRyMIMhNL0PJIvDLMCiqjY-KH9x9yqYSh2QPQrIHTkVpNjET9Wb0BvCLE-xWMTElmPPxKOS2MfTeuNNJV_IPzqPygTMahs6WWeHt4QFBkt-9lVghAsNY2eM_EE7LQFAatd7htYCUYCVjfjmLkPHZpvYigwCimbOkDaLW78xu7rw0JIaaboulUfH3tajrFyQ4j1BscKy30FLzj_JrhHE1Lqa9GYijNd5jqYqcTQ7lp75y7fETIpAeULu68v9NGH237m7lnE_T5g5DXQAIOrydkbw&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
54020efd4ff787fae8fd99fd7b754d5280d5fd63952f56642fce5dbd02744ee1

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=AytNXjk4lgNzLAQnKZxUxIx7zq2XqFyh324MeDGhSpC7MjtT4P6DK38U1neIxaF3sN34zKkhrJJAOfEHnZyZAFUClO2T1l9bpHfi6Tl0qHrKQwbgS4XZgm-ww1wnz_oCEk2Wj5ZzrQr3ULZjSFLFUVe-UTnCSwBKUNVj0NArdpqi91H-TSXazG-B1ENycvS_KbFv9V_B6uX-W5JrKhQRPJGtLZAok9dwrTy9y-Ds1VsBurokM5WfoWv00DZUE_zIT4LhwQvb8rNrqORlQ_nS-sVLSbSiSJwlK2wmOUGxwaRJX0XqVNraCl_jkY9JyFrYAmbVyAwe-c4G5EhRe_yP1h2PYhpWNsIjnh1Wne72hqwZM3CH64xiPi3cIvd-QRp0_5tXrCAsxYyyDDRyMIMhNL0PJIvDLMCiqjY-KH9x9yqYSh2QPQrIHTkVpNjET9Wb0BvCLE-xWMTElmPPxKOS2MfTeuNNJV_IPzqPygTMahs6WWeHt4QFBkt-9lVghAsNY2eM_EE7LQFAatd7htYCUYCVjfjmLkPHZpvYigwCimbOkDaLW78xu7rw0JIaaboulUfH3tajrFyQ4j1BscKy30FLzj_JrhHE1Lqa9GYijNd5jqYqcTQ7lp75y7fETIpAeULu68v9NGH237m7lnE_T5g5DXQAIOrydkbw&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABk; OXPCLK=AAHg4AAAAAAAAABk; ppucnt=100

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABl; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABl; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
ppucnt=101; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:47 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=AytNXjk4lgNzLAQnKZxUxIx7zq2XqFyh324MeDGhSpC7MjtT4P6DK38U1neIxaF3sN34zKkhrJJAOfEHnZyZAFUClO2T1l9bpHfi6Tl0qHrKQwbgS4XZgm-ww1wnz_oCEk2Wj5ZzrQr3ULZjSFLFUVe-UTnCSwBKUNVj0NArdpqi91H-TSXazG-B1ENycvS_KbFv9V_B6uX-W5JrKhQRPJGtLZAok9dwrTy9y-Ds1VsBurokM5WfoWv00DZUE_zIT4LhwQvb8rNrqORlQ_nS-sVLSbSiSJwlK2wmOUGxwaRJX0XqVNraCl_jkY9JyFrYAmbVyAwe-c4G5EhRe_yP1h2PYhpWNsIjnh1Wne72hqwZM3CH64xiPi3cIvd-QRp0_5tXrCAsxYyyDDRyMIMhNL0PJIvDLMCiqjY-KH9x9yqYSh2QPQrIHTkVpNjET9Wb0BvCLE-xWMTElmPPxKOS2MfTeuNNJV_IPzqPygTMahs6WWeHt4QFBkt-9lVghAsNY2eM_EE7LQFAatd7htYCUYCVjfjmLkPHZpvYigwCimbOkDaLW78xu7rw0JIaaboulUfH3tajrFyQ4j1BscKy30FLzj_JrhHE1Lqa9GYijNd5jqYqcTQ7lp75y7fETIpAeULu68v9NGH237m7lnE_T5g5DXQAIOrydkbw&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405655d2ccfd13444fe9b184a9e24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
03aa7cab8a5501e86dee8147f4fe1db66df5c02ed4202cc24fa499a181f3150a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABl; OXPCLK=AAHg4AAAAAAAAABl; ppucnt=101

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABl; OXPCLK=AAHg4AAAAAAAAABl; ppucnt=101
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=LSfZJZRO5qhJ4Haso53RPEAVc_nPUc1EUX7Rdzku6dyyTsEs0qWDnZUtrOJiE2Lu6ebjwwaHVE_gS_pcowUGkvnTGBrXvrGHEhYtKtyN7B_SsNP2Vi-MzyLgQ_OC-0Vh48v0bhiBMYnP1vc_Eu7MQx6hj0lFEMGtmJlJXYjnoiP8q66JXFTULYskRliFQoIRMpV6RlFLaLxN37vV24GOOE3r3fGEW9-rDG2bkYVv7DiuaZhLexSbXYX1R_6szTyfieXwCRmo9O-jKA6M9d3c57Xr8VQ00bIGLp7mC_G0QNgtXwf0mMgX4Pab-UIPi92FtF_jx_5wSPOL74ioslfC0tWtREcZ7N-qANF0oXOKmfc9LZJVrUOvXWiWUIQuXPG1LxQ1A27OEfDyg99-AEtmIQL0IfDG_fXnXKnuc4ZPbFhY9LZ9NhHbRz-CeozZY9ZaZX1ShAhICh5V6P0NWzgB0Ksq76ZNCzrDtLedLmp0BvLHgJnm-L-DKoyO80qsNsNblvdIMomOeYakZLGI9IheJuKHw6q-6cReTuDhCJ11l9i-MDkbqNAXCTFApIU-cGEGe3Vps1-SPFTmZXXGX5YhH9SSV7DnNj_C7ezIlJ9iY2ybsnTYDJKSp3DsD98J6SGIQv0ajHHb4KKcABne5GG5_weCk3vR3JiIFf6R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=LSfZJZRO5qhJ4Haso53RPEAVc_nPUc1EUX7Rdzku6dyyTsEs0qWDnZUtrOJiE2Lu6ebjwwaHVE_gS_pcowUGkvnTGBrXvrGHEhYtKtyN7B_SsNP2Vi-MzyLgQ_OC-0Vh48v0bhiBMYnP1vc_Eu7MQx6hj0lFEMGtmJlJXYjnoiP8q66JXFTULYskRliFQoIRMpV6RlFLaLxN37vV24GOOE3r3fGEW9-rDG2bkYVv7DiuaZhLexSbXYX1R_6szTyfieXwCRmo9O-jKA6M9d3c57Xr8VQ00bIGLp7mC_G0QNgtXwf0mMgX4Pab-UIPi92FtF_jx_5wSPOL74ioslfC0tWtREcZ7N-qANF0oXOKmfc9LZJVrUOvXWiWUIQuXPG1LxQ1A27OEfDyg99-AEtmIQL0IfDG_fXnXKnuc4ZPbFhY9LZ9NhHbRz-CeozZY9ZaZX1ShAhICh5V6P0NWzgB0Ksq76ZNCzrDtLedLmp0BvLHgJnm-L-DKoyO80qsNsNblvdIMomOeYakZLGI9IheJuKHw6q-6cReTuDhCJ11l9i-MDkbqNAXCTFApIU-cGEGe3Vps1-SPFTmZXXGX5YhH9SSV7DnNj_C7ezIlJ9iY2ybsnTYDJKSp3DsD98J6SGIQv0ajHHb4KKcABne5GG5_weCk3vR3JiIFf6R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABl; OXPCLK=AAHg4AAAAAAAAABl; ppucnt=101

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABm; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABm; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
ppucnt=102; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=3ab8f46f26faaeb17be28de71d9963521631480747&psp=LSfZJZRO5qhJ4Haso53RPEAVc_nPUc1EUX7Rdzku6dyyTsEs0qWDnZUtrOJiE2Lu6ebjwwaHVE_gS_pcowUGkvnTGBrXvrGHEhYtKtyN7B_SsNP2Vi-MzyLgQ_OC-0Vh48v0bhiBMYnP1vc_Eu7MQx6hj0lFEMGtmJlJXYjnoiP8q66JXFTULYskRliFQoIRMpV6RlFLaLxN37vV24GOOE3r3fGEW9-rDG2bkYVv7DiuaZhLexSbXYX1R_6szTyfieXwCRmo9O-jKA6M9d3c57Xr8VQ00bIGLp7mC_G0QNgtXwf0mMgX4Pab-UIPi92FtF_jx_5wSPOL74ioslfC0tWtREcZ7N-qANF0oXOKmfc9LZJVrUOvXWiWUIQuXPG1LxQ1A27OEfDyg99-AEtmIQL0IfDG_fXnXKnuc4ZPbFhY9LZ9NhHbRz-CeozZY9ZaZX1ShAhICh5V6P0NWzgB0Ksq76ZNCzrDtLedLmp0BvLHgJnm-L-DKoyO80qsNsNblvdIMomOeYakZLGI9IheJuKHw6q-6cReTuDhCJ11l9i-MDkbqNAXCTFApIU-cGEGe3Vps1-SPFTmZXXGX5YhH9SSV7DnNj_C7ezIlJ9iY2ybsnTYDJKSp3DsD98J6SGIQv0ajHHb4KKcABne5GG5_weCk3vR3JiIFf6R&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140567e7c0a184924cf3a4e4a2d6c9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
851d10dcd1110d3f5ba81c96d8e0ea1f8298e6b9cbdb00f465a26ef6a7207137

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABm; OXPCLK=AAHg4AAAAAAAAABm; ppucnt=102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABm; OXPCLK=AAHg4AAAAAAAAABm; ppucnt=102
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=7ltb-qB6h1l6Db61FBDmePZf_vEVSXC_IJ4HSf7WgfrP88HFfjWlhdYRnhjwsqsvcYQkQXVxkrtXfk3OiYaeYuWZdnXEHiwQ6aAz1AR06emkHxGsZOBcZhf5nLdH3jLPhzXFcce7ejecnp2Og4FQm4GqH16tzKH2HBy75Ho5ZmSXwV4vZyyOL0hEbI2jhFUdlUYgcJJZhm6E6K9xf2ZDnUsiw1LyOiUS1dKwm0sSdy0N5NhRlqupz1pY0Ob00KbAdJHJnFnmghxx4C--z125PzLV7cKl5vf7wPax6J9nNLH9VY0p3kSx-yTJ_AbKJnAYMYvjEAMVM2GPFJtfny_g4clqHy6tOmFgwkJOcQMSnP5hUb96V0Gt2wx7WOoGZhoTmeO6M6ikcBVroli6G_lEzxWUvpBE0nEiOGM-YoS1842tp3yBK4eNLxS14cTaGwv_pnmDyt4ub4JoyUepX7ld7uMipkMNO1JYXy55gXIjLThYRTniTtfx0i2WwiVvJQ3dErVQVMgVhgPhWDbD8ZGTSJmmIpthQFDIJa8qM5-Kp5Ms3fREmBsDKukMkNuJzwIb6YjGv_iNqZeek0-6C5uxeflwuwrbFaEtvDwU4ViogxuXhnpYG8tZivLxTzo004YBLzNW7hDftUE_eZHqNysbTw5U5xvD2UaWoY_j&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=7ltb-qB6h1l6Db61FBDmePZf_vEVSXC_IJ4HSf7WgfrP88HFfjWlhdYRnhjwsqsvcYQkQXVxkrtXfk3OiYaeYuWZdnXEHiwQ6aAz1AR06emkHxGsZOBcZhf5nLdH3jLPhzXFcce7ejecnp2Og4FQm4GqH16tzKH2HBy75Ho5ZmSXwV4vZyyOL0hEbI2jhFUdlUYgcJJZhm6E6K9xf2ZDnUsiw1LyOiUS1dKwm0sSdy0N5NhRlqupz1pY0Ob00KbAdJHJnFnmghxx4C--z125PzLV7cKl5vf7wPax6J9nNLH9VY0p3kSx-yTJ_AbKJnAYMYvjEAMVM2GPFJtfny_g4clqHy6tOmFgwkJOcQMSnP5hUb96V0Gt2wx7WOoGZhoTmeO6M6ikcBVroli6G_lEzxWUvpBE0nEiOGM-YoS1842tp3yBK4eNLxS14cTaGwv_pnmDyt4ub4JoyUepX7ld7uMipkMNO1JYXy55gXIjLThYRTniTtfx0i2WwiVvJQ3dErVQVMgVhgPhWDbD8ZGTSJmmIpthQFDIJa8qM5-Kp5Ms3fREmBsDKukMkNuJzwIb6YjGv_iNqZeek0-6C5uxeflwuwrbFaEtvDwU4ViogxuXhnpYG8tZivLxTzo004YBLzNW7hDftUE_eZHqNysbTw5U5xvD2UaWoY_j&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABm; OXPCLK=AAHg4AAAAAAAAABm; ppucnt=102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABn; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABn; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
ppucnt=103; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=7ltb-qB6h1l6Db61FBDmePZf_vEVSXC_IJ4HSf7WgfrP88HFfjWlhdYRnhjwsqsvcYQkQXVxkrtXfk3OiYaeYuWZdnXEHiwQ6aAz1AR06emkHxGsZOBcZhf5nLdH3jLPhzXFcce7ejecnp2Og4FQm4GqH16tzKH2HBy75Ho5ZmSXwV4vZyyOL0hEbI2jhFUdlUYgcJJZhm6E6K9xf2ZDnUsiw1LyOiUS1dKwm0sSdy0N5NhRlqupz1pY0Ob00KbAdJHJnFnmghxx4C--z125PzLV7cKl5vf7wPax6J9nNLH9VY0p3kSx-yTJ_AbKJnAYMYvjEAMVM2GPFJtfny_g4clqHy6tOmFgwkJOcQMSnP5hUb96V0Gt2wx7WOoGZhoTmeO6M6ikcBVroli6G_lEzxWUvpBE0nEiOGM-YoS1842tp3yBK4eNLxS14cTaGwv_pnmDyt4ub4JoyUepX7ld7uMipkMNO1JYXy55gXIjLThYRTniTtfx0i2WwiVvJQ3dErVQVMgVhgPhWDbD8ZGTSJmmIpthQFDIJa8qM5-Kp5Ms3fREmBsDKukMkNuJzwIb6YjGv_iNqZeek0-6C5uxeflwuwrbFaEtvDwU4ViogxuXhnpYG8tZivLxTzo004YBLzNW7hDftUE_eZHqNysbTw5U5xvD2UaWoY_j&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405254533c9b78e46e9ab5e2a3766&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bc5191bd0279cbed11b958fe755e5eec121b2f82b091290234ccf01e8aea8189

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABn; OXPCLK=AAHg4AAAAAAAAABn; ppucnt=103
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABn; OXPCLK=AAHg4AAAAAAAAABn; ppucnt=103
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=4r2zQ_oleOisE1EYSZcbD7JODd-0im9xu4OMiOOcxVvsmr5y4hL5PQV7tL9Yf5bzAFF6mmOoIiUaRCwLG1rQjiTm7XXWdo9VsFJ6eyFRV9f0TNRaVkVSznat5Ey6Z5tNXM650yXGPhyFJ0SxU1r-Ok2mWjeTpJv-nAHWFebQt6ISbSG7WLixApsggh9Tz5bJiyW4X1korI_i9hUSqx41iqG8QVf9OxNI5txxRK-reGuXye0yC8jddUg0qxuOxqx54KUxrFYB_r398pts2v-5QbDxCPuyGOLdwewbG0u1Jec5P9CM4eP6fCV5LXdALizEZ6a-7oiRtViYDi1uCm1Nll1MvebzCOe2CNqdyP6KSGtr1rVcn5Jf4duOZIyqODVOeBSOms9oMv0uty_DMrU3qRz6rBsI6v5rIEDJU1sfThSEjutXnZTgyQPmMpSE7FAsAPt6MAVokw1ous6X71ooABN7BNt4Qre5dEfUyNGyjTaNlWZH-YQrVawxW1Q7sptbMXV2nVThlUvBfKiItncGSDmvUzXRuwMD2xe7wtSkEsY6I-SmGavQAfZ35rHerlRIoDoTGSuiCazjijDomdeQCgOhvOQPqyrOJAieonAhQ-h5XoPHGiDAoDRbPGtQ-vrkW766hMPU3Nzu_0wUyA4dutT_SNyQX3VZvtYK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
39c808d267e8206df0838c60285c1222b080cecb095001278945c270ab4b5d7d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=4r2zQ_oleOisE1EYSZcbD7JODd-0im9xu4OMiOOcxVvsmr5y4hL5PQV7tL9Yf5bzAFF6mmOoIiUaRCwLG1rQjiTm7XXWdo9VsFJ6eyFRV9f0TNRaVkVSznat5Ey6Z5tNXM650yXGPhyFJ0SxU1r-Ok2mWjeTpJv-nAHWFebQt6ISbSG7WLixApsggh9Tz5bJiyW4X1korI_i9hUSqx41iqG8QVf9OxNI5txxRK-reGuXye0yC8jddUg0qxuOxqx54KUxrFYB_r398pts2v-5QbDxCPuyGOLdwewbG0u1Jec5P9CM4eP6fCV5LXdALizEZ6a-7oiRtViYDi1uCm1Nll1MvebzCOe2CNqdyP6KSGtr1rVcn5Jf4duOZIyqODVOeBSOms9oMv0uty_DMrU3qRz6rBsI6v5rIEDJU1sfThSEjutXnZTgyQPmMpSE7FAsAPt6MAVokw1ous6X71ooABN7BNt4Qre5dEfUyNGyjTaNlWZH-YQrVawxW1Q7sptbMXV2nVThlUvBfKiItncGSDmvUzXRuwMD2xe7wtSkEsY6I-SmGavQAfZ35rHerlRIoDoTGSuiCazjijDomdeQCgOhvOQPqyrOJAieonAhQ-h5XoPHGiDAoDRbPGtQ-vrkW766hMPU3Nzu_0wUyA4dutT_SNyQX3VZvtYK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABn; OXPCLK=AAHg4AAAAAAAAABn; ppucnt=103
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABo; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABo; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
ppucnt=104; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:48 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=4r2zQ_oleOisE1EYSZcbD7JODd-0im9xu4OMiOOcxVvsmr5y4hL5PQV7tL9Yf5bzAFF6mmOoIiUaRCwLG1rQjiTm7XXWdo9VsFJ6eyFRV9f0TNRaVkVSznat5Ey6Z5tNXM650yXGPhyFJ0SxU1r-Ok2mWjeTpJv-nAHWFebQt6ISbSG7WLixApsggh9Tz5bJiyW4X1korI_i9hUSqx41iqG8QVf9OxNI5txxRK-reGuXye0yC8jddUg0qxuOxqx54KUxrFYB_r398pts2v-5QbDxCPuyGOLdwewbG0u1Jec5P9CM4eP6fCV5LXdALizEZ6a-7oiRtViYDi1uCm1Nll1MvebzCOe2CNqdyP6KSGtr1rVcn5Jf4duOZIyqODVOeBSOms9oMv0uty_DMrU3qRz6rBsI6v5rIEDJU1sfThSEjutXnZTgyQPmMpSE7FAsAPt6MAVokw1ous6X71ooABN7BNt4Qre5dEfUyNGyjTaNlWZH-YQrVawxW1Q7sptbMXV2nVThlUvBfKiItncGSDmvUzXRuwMD2xe7wtSkEsY6I-SmGavQAfZ35rHerlRIoDoTGSuiCazjijDomdeQCgOhvOQPqyrOJAieonAhQ-h5XoPHGiDAoDRbPGtQ-vrkW766hMPU3Nzu_0wUyA4dutT_SNyQX3VZvtYK&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405232426d93cf5419c9619c3ff0b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
14d4a66c32cd92226623d2c48f4e4245f058208ccfa91dc9f7bd757074c7493c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABo; OXPCLK=AAHg4AAAAAAAAABo; ppucnt=104
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABo; OXPCLK=AAHg4AAAAAAAAABo; ppucnt=104
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=oDpEG-7SBrF47vhmyi7aXdt2rRC7F_ecTk2dvCFRJ-1Z9ETcVlXoaLIX6xnGAkMopprWbD95uoG44yx9RLVPkKdXy2fXpo7TOz0C5O4-hSh0gfhFn90IQwMZ0ozswS4J8PKT2ji0YEcHnj1tFS9MACBpxCsiWn3aiP6mdYA-_lWdZQLR8BDPUJOB3SdcA8N94QrVWlVuCC95vp3k7ygCLbkR8E6lHPEg1gSlJNO7nyggTN8ICBD32eoAC80vLZrC_TXa0aN8gUIMvCetu5KjZVRCCOO7x0tE_1iLDXC6Rx_Jhc-8Axi_EAOwO_EX7aaSU7Z1JOGxjtUpfFKlwDRAhcSRPFZ8jiMrBLs6BCJZojppvI8vswCS3JtgzFsvrOykU3qT7W-lZQ7VTMUN-_64EMcnkBJgDmH9THf_46Eqxt3q3sdp0T0LBhfnynFR5dzp-dKf05I1kPs2gnaaaXDZnvvYs-7AgZ9_ndgPICKNWBcdco3dDtF-GVye7QJGM4gKKqcIauhx3IBojqVxw2IgnhxKJm_jcJF-E95TsavbXURAlcaj5MhLbaagyg7-JlB_E9-dHW3fvxpaGeltkwjkdERn0cXuIC88dJ-1JDnKaoTH34ujoFJRBDYHSpctl_SZhHPHesrL8KBaY_hxnAsbW7ewd_ZDU7RUSogW&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0533ca68955b35a3f0a4ad922e0f5158c3c3653f24a0a7e3fb69fa3b1a95acc2

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=oDpEG-7SBrF47vhmyi7aXdt2rRC7F_ecTk2dvCFRJ-1Z9ETcVlXoaLIX6xnGAkMopprWbD95uoG44yx9RLVPkKdXy2fXpo7TOz0C5O4-hSh0gfhFn90IQwMZ0ozswS4J8PKT2ji0YEcHnj1tFS9MACBpxCsiWn3aiP6mdYA-_lWdZQLR8BDPUJOB3SdcA8N94QrVWlVuCC95vp3k7ygCLbkR8E6lHPEg1gSlJNO7nyggTN8ICBD32eoAC80vLZrC_TXa0aN8gUIMvCetu5KjZVRCCOO7x0tE_1iLDXC6Rx_Jhc-8Axi_EAOwO_EX7aaSU7Z1JOGxjtUpfFKlwDRAhcSRPFZ8jiMrBLs6BCJZojppvI8vswCS3JtgzFsvrOykU3qT7W-lZQ7VTMUN-_64EMcnkBJgDmH9THf_46Eqxt3q3sdp0T0LBhfnynFR5dzp-dKf05I1kPs2gnaaaXDZnvvYs-7AgZ9_ndgPICKNWBcdco3dDtF-GVye7QJGM4gKKqcIauhx3IBojqVxw2IgnhxKJm_jcJF-E95TsavbXURAlcaj5MhLbaagyg7-JlB_E9-dHW3fvxpaGeltkwjkdERn0cXuIC88dJ-1JDnKaoTH34ujoFJRBDYHSpctl_SZhHPHesrL8KBaY_hxnAsbW7ewd_ZDU7RUSogW&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABo; OXPCLK=AAHg4AAAAAAAAABo; ppucnt=104
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABp; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABp; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=105; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=35f397b062eccbc87fbc17d1ace468291631480748&psp=oDpEG-7SBrF47vhmyi7aXdt2rRC7F_ecTk2dvCFRJ-1Z9ETcVlXoaLIX6xnGAkMopprWbD95uoG44yx9RLVPkKdXy2fXpo7TOz0C5O4-hSh0gfhFn90IQwMZ0ozswS4J8PKT2ji0YEcHnj1tFS9MACBpxCsiWn3aiP6mdYA-_lWdZQLR8BDPUJOB3SdcA8N94QrVWlVuCC95vp3k7ygCLbkR8E6lHPEg1gSlJNO7nyggTN8ICBD32eoAC80vLZrC_TXa0aN8gUIMvCetu5KjZVRCCOO7x0tE_1iLDXC6Rx_Jhc-8Axi_EAOwO_EX7aaSU7Z1JOGxjtUpfFKlwDRAhcSRPFZ8jiMrBLs6BCJZojppvI8vswCS3JtgzFsvrOykU3qT7W-lZQ7VTMUN-_64EMcnkBJgDmH9THf_46Eqxt3q3sdp0T0LBhfnynFR5dzp-dKf05I1kPs2gnaaaXDZnvvYs-7AgZ9_ndgPICKNWBcdco3dDtF-GVye7QJGM4gKKqcIauhx3IBojqVxw2IgnhxKJm_jcJF-E95TsavbXURAlcaj5MhLbaagyg7-JlB_E9-dHW3fvxpaGeltkwjkdERn0cXuIC88dJ-1JDnKaoTH34ujoFJRBDYHSpctl_SZhHPHesrL8KBaY_hxnAsbW7ewd_ZDU7RUSogW&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051ef81455d22441788f09a094e9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0cc28e47beb1281cbb9adda6aafd5d14ae2fee158e2ddc2fe8f7f74189e83a86

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABp; OXPCLK=AAHg4AAAAAAAAABp; ppucnt=105
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABp; OXPCLK=AAHg4AAAAAAAAABp; ppucnt=105
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=MX4tv60IQo4-EXYi3TjEiV6mFk7WjJ2T37zHn_xHn3V3P_DGOBDQGBl81Iwh_094YmzT4el4J203kdtyibzszGUK4_Cc5V-VSMa4NDKnTEi5OyBuV_kjio-8cvVMxSZbMoZ019RMR78H8qxbHh1qehRrMTYChEUFIiESQhkdwqJ9k-Ga9emIZ8JQaUN7kxrzaZrGq2d2daFevdtDIETdWJ8qFhROGzeY2Rj62U99TcMRhYxFxcfkPjZygfp-z1Y6Mxn1NDFwDjOtMiY2DdCqxfIXbrTo4Jal8SYT4TovBW8g5tvEsiD90VFv5FOKiZeTTBwvCtUAr_97XrujJ3eDWgSAireueCN1TWYNnOI1tK3HMdbnfm9JZ6TkmjGTMGgu8a7eKh2XlnNarMk8hKmHpir_Nkh6We_vGSy3cQ4oGoGfN5DbPmnf7tSZW1_PzRFzJFtlZhVrfwEF2bFiDECojZ5z40EaJpYbbcrQ4fhmPZHGji8rKQt_Zra7j48WLsjbZ4ZNMIHCFdeapNygst-DT3T8XsdUtGNpeJNbvSmw4LRCofKmWJdD-CxAOUN-SsmaPTluuLClopyeG0RNRAFlct42EiZ5VYR-k_JCEviQc49Nog7Od2-063pgZbClqDijubYpXArL6VC1OPZ7HKkHXYu4UrrweicOvhB8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e5b1d7179d66053916d31376b87ce861f718478ab0e4c6c16ca1a5f5224e2489

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=MX4tv60IQo4-EXYi3TjEiV6mFk7WjJ2T37zHn_xHn3V3P_DGOBDQGBl81Iwh_094YmzT4el4J203kdtyibzszGUK4_Cc5V-VSMa4NDKnTEi5OyBuV_kjio-8cvVMxSZbMoZ019RMR78H8qxbHh1qehRrMTYChEUFIiESQhkdwqJ9k-Ga9emIZ8JQaUN7kxrzaZrGq2d2daFevdtDIETdWJ8qFhROGzeY2Rj62U99TcMRhYxFxcfkPjZygfp-z1Y6Mxn1NDFwDjOtMiY2DdCqxfIXbrTo4Jal8SYT4TovBW8g5tvEsiD90VFv5FOKiZeTTBwvCtUAr_97XrujJ3eDWgSAireueCN1TWYNnOI1tK3HMdbnfm9JZ6TkmjGTMGgu8a7eKh2XlnNarMk8hKmHpir_Nkh6We_vGSy3cQ4oGoGfN5DbPmnf7tSZW1_PzRFzJFtlZhVrfwEF2bFiDECojZ5z40EaJpYbbcrQ4fhmPZHGji8rKQt_Zra7j48WLsjbZ4ZNMIHCFdeapNygst-DT3T8XsdUtGNpeJNbvSmw4LRCofKmWJdD-CxAOUN-SsmaPTluuLClopyeG0RNRAFlct42EiZ5VYR-k_JCEviQc49Nog7Od2-063pgZbClqDijubYpXArL6VC1OPZ7HKkHXYu4UrrweicOvhB8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABp; OXPCLK=AAHg4AAAAAAAAABp; ppucnt=105
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABq; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABq; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=106; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=MX4tv60IQo4-EXYi3TjEiV6mFk7WjJ2T37zHn_xHn3V3P_DGOBDQGBl81Iwh_094YmzT4el4J203kdtyibzszGUK4_Cc5V-VSMa4NDKnTEi5OyBuV_kjio-8cvVMxSZbMoZ019RMR78H8qxbHh1qehRrMTYChEUFIiESQhkdwqJ9k-Ga9emIZ8JQaUN7kxrzaZrGq2d2daFevdtDIETdWJ8qFhROGzeY2Rj62U99TcMRhYxFxcfkPjZygfp-z1Y6Mxn1NDFwDjOtMiY2DdCqxfIXbrTo4Jal8SYT4TovBW8g5tvEsiD90VFv5FOKiZeTTBwvCtUAr_97XrujJ3eDWgSAireueCN1TWYNnOI1tK3HMdbnfm9JZ6TkmjGTMGgu8a7eKh2XlnNarMk8hKmHpir_Nkh6We_vGSy3cQ4oGoGfN5DbPmnf7tSZW1_PzRFzJFtlZhVrfwEF2bFiDECojZ5z40EaJpYbbcrQ4fhmPZHGji8rKQt_Zra7j48WLsjbZ4ZNMIHCFdeapNygst-DT3T8XsdUtGNpeJNbvSmw4LRCofKmWJdD-CxAOUN-SsmaPTluuLClopyeG0RNRAFlct42EiZ5VYR-k_JCEviQc49Nog7Od2-063pgZbClqDijubYpXArL6VC1OPZ7HKkHXYu4UrrweicOvhB8&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058fbf5d83fbed49cba100c3bcf3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cca38111716a1d702fc344025ae927de62ff4f980ba00b1522ef28fd0c1d57b0

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABq; OXPCLK=AAHg4AAAAAAAAABq; ppucnt=106
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABq; OXPCLK=AAHg4AAAAAAAAABq; ppucnt=106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
994 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=ljqCwaDr19JQp7yS-gEXUAmRocvx5vw-Yeo0m6KQMdby2YIfVCXk1DuWrJCbuntDLdNj4B3MHwa2zwwVb0IJRUczZe_RYS2_zPPKXyLQ2ZPiRYRW33LPKPkEjbswWd7V-7cBAkB4L2dyor9JRYebrChcRUmdxOoI8Xnoyqdp0iMf-G3WZl_jWSosdSZU8_mBzRmbJj4aJxMPgx8V_vrQ26dEUnZ7A_7kAsBmInNpgfBDeSfUBs1f5s2JXf-iICWn0Ws8WUqWAAaGCeP6GeEjUfq8wGgN4BlhXObTDezgieDwIRtYvXGXJNTptB_ErFc8ehgPgQwZQBm1NKrAfTld-MpY0B9sNP3isAcSdqwnRyCh0k6whn35tnpXIR4gE4YeHSJquyxP6VCm8LkZ1PYk2eRLFPgsE1ZhLgEnCw7UPvtW8wE3XtrY-RZuI_C1zcejQTfQuoCpl4srdVeooM7rVWdYuNrgrq8Oon4JjYty_MHDAPeWIoloPPxKWXLtUX2tOG6JTNlBSccddDEHuQfgBSEQ87sEfz4TSsYyqCWM-OJsoqM3gJ3MzsK_Uz6ipS6lQ4hbibY-1yEitiWlYtG9m4UhUucqKQ_lY2trrSCu19W4yl6kfK4_pPRo95o-EAKX1YIDlMtph7w3iGxeRdwD3rPduqdgp3vBHIVI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9e71835b746ffddc8b74b3ff0667f03b9b068910a42639d78dedc4246b7bba01

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=ljqCwaDr19JQp7yS-gEXUAmRocvx5vw-Yeo0m6KQMdby2YIfVCXk1DuWrJCbuntDLdNj4B3MHwa2zwwVb0IJRUczZe_RYS2_zPPKXyLQ2ZPiRYRW33LPKPkEjbswWd7V-7cBAkB4L2dyor9JRYebrChcRUmdxOoI8Xnoyqdp0iMf-G3WZl_jWSosdSZU8_mBzRmbJj4aJxMPgx8V_vrQ26dEUnZ7A_7kAsBmInNpgfBDeSfUBs1f5s2JXf-iICWn0Ws8WUqWAAaGCeP6GeEjUfq8wGgN4BlhXObTDezgieDwIRtYvXGXJNTptB_ErFc8ehgPgQwZQBm1NKrAfTld-MpY0B9sNP3isAcSdqwnRyCh0k6whn35tnpXIR4gE4YeHSJquyxP6VCm8LkZ1PYk2eRLFPgsE1ZhLgEnCw7UPvtW8wE3XtrY-RZuI_C1zcejQTfQuoCpl4srdVeooM7rVWdYuNrgrq8Oon4JjYty_MHDAPeWIoloPPxKWXLtUX2tOG6JTNlBSccddDEHuQfgBSEQ87sEfz4TSsYyqCWM-OJsoqM3gJ3MzsK_Uz6ipS6lQ4hbibY-1yEitiWlYtG9m4UhUucqKQ_lY2trrSCu19W4yl6kfK4_pPRo95o-EAKX1YIDlMtph7w3iGxeRdwD3rPduqdgp3vBHIVI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABq; OXPCLK=AAHg4AAAAAAAAABq; ppucnt=106
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABr; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABr; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=107; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=ljqCwaDr19JQp7yS-gEXUAmRocvx5vw-Yeo0m6KQMdby2YIfVCXk1DuWrJCbuntDLdNj4B3MHwa2zwwVb0IJRUczZe_RYS2_zPPKXyLQ2ZPiRYRW33LPKPkEjbswWd7V-7cBAkB4L2dyor9JRYebrChcRUmdxOoI8Xnoyqdp0iMf-G3WZl_jWSosdSZU8_mBzRmbJj4aJxMPgx8V_vrQ26dEUnZ7A_7kAsBmInNpgfBDeSfUBs1f5s2JXf-iICWn0Ws8WUqWAAaGCeP6GeEjUfq8wGgN4BlhXObTDezgieDwIRtYvXGXJNTptB_ErFc8ehgPgQwZQBm1NKrAfTld-MpY0B9sNP3isAcSdqwnRyCh0k6whn35tnpXIR4gE4YeHSJquyxP6VCm8LkZ1PYk2eRLFPgsE1ZhLgEnCw7UPvtW8wE3XtrY-RZuI_C1zcejQTfQuoCpl4srdVeooM7rVWdYuNrgrq8Oon4JjYty_MHDAPeWIoloPPxKWXLtUX2tOG6JTNlBSccddDEHuQfgBSEQ87sEfz4TSsYyqCWM-OJsoqM3gJ3MzsK_Uz6ipS6lQ4hbibY-1yEitiWlYtG9m4UhUucqKQ_lY2trrSCu19W4yl6kfK4_pPRo95o-EAKX1YIDlMtph7w3iGxeRdwD3rPduqdgp3vBHIVI&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050b15972148494bb7ade0578b8d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
92ebac60cea803fcee33aa433dd0351bc5baffb3f0e6f1d8d2bf270108e7e230

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABr; OXPCLK=AAHg4AAAAAAAAABr; ppucnt=107
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABr; OXPCLK=AAHg4AAAAAAAAABr; ppucnt=107
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=fJI5_WA3TGFivwsDsy99mGZLpVsTWRX0ZRRFGLdF-Sj-xC0AFJ-fQOOAH9p0Jnh7mlZComNUfm33fzHBZDUZe4Y7yYKOopdalEBzJyoW8HCRxvVUgxs_4hSVXOWF7BQioV7JTs_lGwCtY36HU0NhxrdN1_5KqA2O85BHeE4ECev0ecxYwrQZIQQGrldvxqIHV6bJNDMbudv21ki0RwrSKt13-Jx1-4qq_q_myzbTftDN6_RhV5xX9_CgcRyODUiwQ5iW-ypuwswqgglKiEnoTXHeY0ywAuS7uEw0K3PE-cb6o-_fjkq3fAsxv8JgDHUMCne23BWapQJaexQDJ-VDjTVdb6VMmjefscQAuiu5_Dga1cVfjDflj8OA-b98dG3vCQi17uLpgUywbPsN6ZNCHgqAu3gRGUfZD7qcul5UCmSEesEdbgN0GIT3JqF-xHYiWj76pGxLlni5S5xyV92ilm2qyiRSz-PTemWp-RDJcTKff56CVqDkvZ0CVBWbS70shXcB5QGkllILKVkXdWtt5ML3Ot0HLMxBlWvgClXfEqlNH928fb-bCYHURct5oP86GyU4VNn5KwdcFfRb8PrZWWuATOxRnNxs56yjQYGI3yLAv0AH-uhhsskd94i8jJ_3_oor8W_l_hjck0EGm2T4jLH8da41rhixwgbu&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6c7d1eb8839c3039b8a31209776b2ebe0c1307e95eed6b2e51653c3bc4f13469

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=fJI5_WA3TGFivwsDsy99mGZLpVsTWRX0ZRRFGLdF-Sj-xC0AFJ-fQOOAH9p0Jnh7mlZComNUfm33fzHBZDUZe4Y7yYKOopdalEBzJyoW8HCRxvVUgxs_4hSVXOWF7BQioV7JTs_lGwCtY36HU0NhxrdN1_5KqA2O85BHeE4ECev0ecxYwrQZIQQGrldvxqIHV6bJNDMbudv21ki0RwrSKt13-Jx1-4qq_q_myzbTftDN6_RhV5xX9_CgcRyODUiwQ5iW-ypuwswqgglKiEnoTXHeY0ywAuS7uEw0K3PE-cb6o-_fjkq3fAsxv8JgDHUMCne23BWapQJaexQDJ-VDjTVdb6VMmjefscQAuiu5_Dga1cVfjDflj8OA-b98dG3vCQi17uLpgUywbPsN6ZNCHgqAu3gRGUfZD7qcul5UCmSEesEdbgN0GIT3JqF-xHYiWj76pGxLlni5S5xyV92ilm2qyiRSz-PTemWp-RDJcTKff56CVqDkvZ0CVBWbS70shXcB5QGkllILKVkXdWtt5ML3Ot0HLMxBlWvgClXfEqlNH928fb-bCYHURct5oP86GyU4VNn5KwdcFfRb8PrZWWuATOxRnNxs56yjQYGI3yLAv0AH-uhhsskd94i8jJ_3_oor8W_l_hjck0EGm2T4jLH8da41rhixwgbu&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABr; OXPCLK=AAHg4AAAAAAAAABr; ppucnt=107
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABs; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABs; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=108; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=fJI5_WA3TGFivwsDsy99mGZLpVsTWRX0ZRRFGLdF-Sj-xC0AFJ-fQOOAH9p0Jnh7mlZComNUfm33fzHBZDUZe4Y7yYKOopdalEBzJyoW8HCRxvVUgxs_4hSVXOWF7BQioV7JTs_lGwCtY36HU0NhxrdN1_5KqA2O85BHeE4ECev0ecxYwrQZIQQGrldvxqIHV6bJNDMbudv21ki0RwrSKt13-Jx1-4qq_q_myzbTftDN6_RhV5xX9_CgcRyODUiwQ5iW-ypuwswqgglKiEnoTXHeY0ywAuS7uEw0K3PE-cb6o-_fjkq3fAsxv8JgDHUMCne23BWapQJaexQDJ-VDjTVdb6VMmjefscQAuiu5_Dga1cVfjDflj8OA-b98dG3vCQi17uLpgUywbPsN6ZNCHgqAu3gRGUfZD7qcul5UCmSEesEdbgN0GIT3JqF-xHYiWj76pGxLlni5S5xyV92ilm2qyiRSz-PTemWp-RDJcTKff56CVqDkvZ0CVBWbS70shXcB5QGkllILKVkXdWtt5ML3Ot0HLMxBlWvgClXfEqlNH928fb-bCYHURct5oP86GyU4VNn5KwdcFfRb8PrZWWuATOxRnNxs56yjQYGI3yLAv0AH-uhhsskd94i8jJ_3_oor8W_l_hjck0EGm2T4jLH8da41rhixwgbu&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ec7ee1341f9b4f7abe739e5302&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0f60207aebe223f1b9a75c186d26e301fd24ecf39165c73cf71dc451034b0d9c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABs; OXPCLK=AAHg4AAAAAAAAABs; ppucnt=108
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABs; OXPCLK=AAHg4AAAAAAAAABs; ppucnt=108
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=D82QyaJnwWpcHZiSoqaOofytqCsJfIH7q90Ea6sRk3U3g2sy_6ajccwa_DkTz6-UfevdvFGRCucgSa_Zh5qa2_ymwVn8X2DT3vrIocw0__DUTyZv0AaeSaNyKVkOiJoLqNCWtOnLjtf6GCN31h81T-c0bFuDR_-rd-SaIo5mTcWUraLXE0UGr8UpqCsLnXkwEdQ3yUaiZLDf9k46uduoij_SUDBzEhyAkPJ0H6flLE66urJbvliT5tH0M0xplG5q5y8yzDHt6_PicvebiEx9270EzQLHIDWB43Q6cU5U27WGCIAkHf7IgI2WZ9-2rs7CfczWB_jYSHQ5uf25_xQR7D43qV7lYI-5eevvuQVr9KrLmvhpmP1_CIktJfevXa-ZYOXdd-GyqFHZr4fZ3Px0BSjaH44NXodYZfTHmUdGR2tfCZaCCFJK5wpoLytc8c2kzt1edOt6kykyfTFy_fMBUpIM-w_LwB4t7vZU1uYJiHKQAwpgii1D8eya5Jg79cbKyJvhC6ycGVf1KR45n_WIecs32Lk1LURtwohnFpBNFP711bw8Ph58xMDQvmAyhjmnt9wHUlMj6tyInR0-orCRCYSWXoLGKe-FyGTgN4MoeYutCSYpil0DLGDZDS91XPxk1hZ8t-59nVReOCM4O90o7DeuMMWKdxTZjXoB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=D82QyaJnwWpcHZiSoqaOofytqCsJfIH7q90Ea6sRk3U3g2sy_6ajccwa_DkTz6-UfevdvFGRCucgSa_Zh5qa2_ymwVn8X2DT3vrIocw0__DUTyZv0AaeSaNyKVkOiJoLqNCWtOnLjtf6GCN31h81T-c0bFuDR_-rd-SaIo5mTcWUraLXE0UGr8UpqCsLnXkwEdQ3yUaiZLDf9k46uduoij_SUDBzEhyAkPJ0H6flLE66urJbvliT5tH0M0xplG5q5y8yzDHt6_PicvebiEx9270EzQLHIDWB43Q6cU5U27WGCIAkHf7IgI2WZ9-2rs7CfczWB_jYSHQ5uf25_xQR7D43qV7lYI-5eevvuQVr9KrLmvhpmP1_CIktJfevXa-ZYOXdd-GyqFHZr4fZ3Px0BSjaH44NXodYZfTHmUdGR2tfCZaCCFJK5wpoLytc8c2kzt1edOt6kykyfTFy_fMBUpIM-w_LwB4t7vZU1uYJiHKQAwpgii1D8eya5Jg79cbKyJvhC6ycGVf1KR45n_WIecs32Lk1LURtwohnFpBNFP711bw8Ph58xMDQvmAyhjmnt9wHUlMj6tyInR0-orCRCYSWXoLGKe-FyGTgN4MoeYutCSYpil0DLGDZDS91XPxk1hZ8t-59nVReOCM4O90o7DeuMMWKdxTZjXoB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABs; OXPCLK=AAHg4AAAAAAAAABs; ppucnt=108
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABt; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABt; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=109; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=D82QyaJnwWpcHZiSoqaOofytqCsJfIH7q90Ea6sRk3U3g2sy_6ajccwa_DkTz6-UfevdvFGRCucgSa_Zh5qa2_ymwVn8X2DT3vrIocw0__DUTyZv0AaeSaNyKVkOiJoLqNCWtOnLjtf6GCN31h81T-c0bFuDR_-rd-SaIo5mTcWUraLXE0UGr8UpqCsLnXkwEdQ3yUaiZLDf9k46uduoij_SUDBzEhyAkPJ0H6flLE66urJbvliT5tH0M0xplG5q5y8yzDHt6_PicvebiEx9270EzQLHIDWB43Q6cU5U27WGCIAkHf7IgI2WZ9-2rs7CfczWB_jYSHQ5uf25_xQR7D43qV7lYI-5eevvuQVr9KrLmvhpmP1_CIktJfevXa-ZYOXdd-GyqFHZr4fZ3Px0BSjaH44NXodYZfTHmUdGR2tfCZaCCFJK5wpoLytc8c2kzt1edOt6kykyfTFy_fMBUpIM-w_LwB4t7vZU1uYJiHKQAwpgii1D8eya5Jg79cbKyJvhC6ycGVf1KR45n_WIecs32Lk1LURtwohnFpBNFP711bw8Ph58xMDQvmAyhjmnt9wHUlMj6tyInR0-orCRCYSWXoLGKe-FyGTgN4MoeYutCSYpil0DLGDZDS91XPxk1hZ8t-59nVReOCM4O90o7DeuMMWKdxTZjXoB&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405662ebce0e04d475e8d042bece9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6a739c1a47d9d13a4dc011e7532a4b130fd139da76fa1574a711cc8c5297a2d5

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABt; OXPCLK=AAHg4AAAAAAAAABt; ppucnt=109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABt; OXPCLK=AAHg4AAAAAAAAABt; ppucnt=109
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=-ShAzyUeyctrkh3FfOvnFhLhlfBM5Mr8v_H-fjwmHzoB71afw-_jCT6r_-X8kU9GoClvzJgKjyn2jj6OZngC5llVakYIyEswjcgpT4uB0dke5foboNU3l7mS2Bw9kEuHFxgwER45xRWd4YDLsFS7oVyykzmcfiBvCJbRREsSbgx-3KIg87g3VLsxzM7T-PC54o1ieh6fYBJf24-V6LacN_S9xxv6sgIYQ9a-MECFGDB4jxQbEXFClTlaDJArk4cT8_PXrRLO77RZg1dgDpTOqQpLKv4m_nHKUldgQSD3EoKjaXtbWaK7XKFhIn2ywq2boADVoFJHfxW0V6-Ekrd1qB9Sl53Q_sFZKfnh3mft2sFtVNZEdMAt_9NnJayRpiw9npkQXhrrRF9ZEsWpOAABM_lfLEo3gagNh6OJDyn3PCAuAhCOC987533ZNUaZ4DzyClL0lismgeDiCIT_o8nkhAjaOKSC8G5uGhXdVmlQpGCxj6mluU7A6AqnMGdIn5xARjHLQOeLh4dOlSkXd4Z1Trc_VNIDc3bH0UszJYJH-wii_BgCdpf8y_3BAlKQX_WKl50QGUlv9GFePK0gh2sP1YAjL1TeDUZPu14hEcTHckrV0AWHWqIpZ98vc-jJxloVk6uDTtUgKWW4Bq8WRwXhlS4CTg9UhwKwqnrD&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
386c6a1ce00ebb4ed42ceba60988afd5b3d3c229084ce52c87925f5c84047d27

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=-ShAzyUeyctrkh3FfOvnFhLhlfBM5Mr8v_H-fjwmHzoB71afw-_jCT6r_-X8kU9GoClvzJgKjyn2jj6OZngC5llVakYIyEswjcgpT4uB0dke5foboNU3l7mS2Bw9kEuHFxgwER45xRWd4YDLsFS7oVyykzmcfiBvCJbRREsSbgx-3KIg87g3VLsxzM7T-PC54o1ieh6fYBJf24-V6LacN_S9xxv6sgIYQ9a-MECFGDB4jxQbEXFClTlaDJArk4cT8_PXrRLO77RZg1dgDpTOqQpLKv4m_nHKUldgQSD3EoKjaXtbWaK7XKFhIn2ywq2boADVoFJHfxW0V6-Ekrd1qB9Sl53Q_sFZKfnh3mft2sFtVNZEdMAt_9NnJayRpiw9npkQXhrrRF9ZEsWpOAABM_lfLEo3gagNh6OJDyn3PCAuAhCOC987533ZNUaZ4DzyClL0lismgeDiCIT_o8nkhAjaOKSC8G5uGhXdVmlQpGCxj6mluU7A6AqnMGdIn5xARjHLQOeLh4dOlSkXd4Z1Trc_VNIDc3bH0UszJYJH-wii_BgCdpf8y_3BAlKQX_WKl50QGUlv9GFePK0gh2sP1YAjL1TeDUZPu14hEcTHckrV0AWHWqIpZ98vc-jJxloVk6uDTtUgKWW4Bq8WRwXhlS4CTg9UhwKwqnrD&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABt; OXPCLK=AAHg4AAAAAAAAABt; ppucnt=109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABu; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABu; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=110; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=-ShAzyUeyctrkh3FfOvnFhLhlfBM5Mr8v_H-fjwmHzoB71afw-_jCT6r_-X8kU9GoClvzJgKjyn2jj6OZngC5llVakYIyEswjcgpT4uB0dke5foboNU3l7mS2Bw9kEuHFxgwER45xRWd4YDLsFS7oVyykzmcfiBvCJbRREsSbgx-3KIg87g3VLsxzM7T-PC54o1ieh6fYBJf24-V6LacN_S9xxv6sgIYQ9a-MECFGDB4jxQbEXFClTlaDJArk4cT8_PXrRLO77RZg1dgDpTOqQpLKv4m_nHKUldgQSD3EoKjaXtbWaK7XKFhIn2ywq2boADVoFJHfxW0V6-Ekrd1qB9Sl53Q_sFZKfnh3mft2sFtVNZEdMAt_9NnJayRpiw9npkQXhrrRF9ZEsWpOAABM_lfLEo3gagNh6OJDyn3PCAuAhCOC987533ZNUaZ4DzyClL0lismgeDiCIT_o8nkhAjaOKSC8G5uGhXdVmlQpGCxj6mluU7A6AqnMGdIn5xARjHLQOeLh4dOlSkXd4Z1Trc_VNIDc3bH0UszJYJH-wii_BgCdpf8y_3BAlKQX_WKl50QGUlv9GFePK0gh2sP1YAjL1TeDUZPu14hEcTHckrV0AWHWqIpZ98vc-jJxloVk6uDTtUgKWW4Bq8WRwXhlS4CTg9UhwKwqnrD&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c4c57a91c4f546d7922eba4430&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
968e33a707720483bda64ee4168c807ca234ed01ef31ce403034431d4fa2e53a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABu; OXPCLK=AAHg4AAAAAAAAABu; ppucnt=110
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABu; OXPCLK=AAHg4AAAAAAAAABu; ppucnt=110
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=7mY-CkG-SIAYFy-4flgVV7o_LiN0vg_QEdxFgbbOJx9jNc7nJYy5eo9o241yfdZbyFcS4fjVmiPqTu38N1-Us7bYdi6jz2XWlLhDknUiglNQW8PoJMONoXdWcp7HAOCEy9TYJiJmhbGn5wrawEQXpcbDwrt1-xd_7w2981clQoSsBR6FYv0kdsUfNePtsIsvBncmwSL4RVsRv3fiuK99tdDnJOcrwMPbRtuMe261ByOopGaYn2GA_npCEjv3UA6EQHD1Ro0_prTEdJ3xlTBtl57JSnhjGuvS49Z28_LD_ZTYnqw5tlGC43cYIV3HW5gXOh-agcPbtrzw5hTCQx3GltaNOp9MKGsOF2EDXSTuJEC_6CWGAogdgiKjyaue-ACAuCoCC1NrgHiQTleNkt4m3J8Qd5o_sJiqcaojYl_Ou9VD0wfEu_unDQDSc_eByPwbMwGvgNgU6o5VMuMm05tWv0J_0T9LD6FiOsen9RgNCvHWkbpoWzF1796rKhDDkkGWa4Do29u1BkLT2JJOLU0Ej5N0C_aJrJgSf6jSgtIRJDUAxzH75_KsW7LWeBxokVIDlbvW24UxuL8VkwwJtgtckl7jU5UYJH5DWi0qvlRBo8ONTvN6ZFwy7McsX3SjK7rUFxWBANBS6M1fdHpEXnhGk-yRQns2mbx4miRS&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=7mY-CkG-SIAYFy-4flgVV7o_LiN0vg_QEdxFgbbOJx9jNc7nJYy5eo9o241yfdZbyFcS4fjVmiPqTu38N1-Us7bYdi6jz2XWlLhDknUiglNQW8PoJMONoXdWcp7HAOCEy9TYJiJmhbGn5wrawEQXpcbDwrt1-xd_7w2981clQoSsBR6FYv0kdsUfNePtsIsvBncmwSL4RVsRv3fiuK99tdDnJOcrwMPbRtuMe261ByOopGaYn2GA_npCEjv3UA6EQHD1Ro0_prTEdJ3xlTBtl57JSnhjGuvS49Z28_LD_ZTYnqw5tlGC43cYIV3HW5gXOh-agcPbtrzw5hTCQx3GltaNOp9MKGsOF2EDXSTuJEC_6CWGAogdgiKjyaue-ACAuCoCC1NrgHiQTleNkt4m3J8Qd5o_sJiqcaojYl_Ou9VD0wfEu_unDQDSc_eByPwbMwGvgNgU6o5VMuMm05tWv0J_0T9LD6FiOsen9RgNCvHWkbpoWzF1796rKhDDkkGWa4Do29u1BkLT2JJOLU0Ej5N0C_aJrJgSf6jSgtIRJDUAxzH75_KsW7LWeBxokVIDlbvW24UxuL8VkwwJtgtckl7jU5UYJH5DWi0qvlRBo8ONTvN6ZFwy7McsX3SjK7rUFxWBANBS6M1fdHpEXnhGk-yRQns2mbx4miRS&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABu; OXPCLK=AAHg4AAAAAAAAABu; ppucnt=110
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABv; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABv; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
ppucnt=111; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:49 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=dfe4fa3aa705f362afb18f9b0f3773721631480749&psp=7mY-CkG-SIAYFy-4flgVV7o_LiN0vg_QEdxFgbbOJx9jNc7nJYy5eo9o241yfdZbyFcS4fjVmiPqTu38N1-Us7bYdi6jz2XWlLhDknUiglNQW8PoJMONoXdWcp7HAOCEy9TYJiJmhbGn5wrawEQXpcbDwrt1-xd_7w2981clQoSsBR6FYv0kdsUfNePtsIsvBncmwSL4RVsRv3fiuK99tdDnJOcrwMPbRtuMe261ByOopGaYn2GA_npCEjv3UA6EQHD1Ro0_prTEdJ3xlTBtl57JSnhjGuvS49Z28_LD_ZTYnqw5tlGC43cYIV3HW5gXOh-agcPbtrzw5hTCQx3GltaNOp9MKGsOF2EDXSTuJEC_6CWGAogdgiKjyaue-ACAuCoCC1NrgHiQTleNkt4m3J8Qd5o_sJiqcaojYl_Ou9VD0wfEu_unDQDSc_eByPwbMwGvgNgU6o5VMuMm05tWv0J_0T9LD6FiOsen9RgNCvHWkbpoWzF1796rKhDDkkGWa4Do29u1BkLT2JJOLU0Ej5N0C_aJrJgSf6jSgtIRJDUAxzH75_KsW7LWeBxokVIDlbvW24UxuL8VkwwJtgtckl7jU5UYJH5DWi0qvlRBo8ONTvN6ZFwy7McsX3SjK7rUFxWBANBS6M1fdHpEXnhGk-yRQns2mbx4miRS&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405ad96316527c6472986be2f28a7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4d9b7285252d086a2f4d25d4e9e9db12587d22e2460c8de83554c83a79093109

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABv; OXPCLK=AAHg4AAAAAAAAABv; ppucnt=111
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABv; OXPCLK=AAHg4AAAAAAAAABv; ppucnt=111
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=9TmDE2jS7AYwZ2rhNErILmFhRLjmgN8xJJq0GhbyYIDXOvIcw-ofyze8Lx21UEuMDrkzr1npTfyvF40jo8CA1IXkFpli2pH2jYhKDEMftJBevHi5J56G1AJGsNWlp9P3PBKd_f_7q-ciiwlpN_6jkqfklKmEr9llyADANhhDs-2KGqd-pyuwMbcjSzdh3LG_exVcGYfrBhOVLrWUYZ4hK9yZwoqpH85NAAasTGBcw_383rBFpVNsVYiPCmDloO0PKmwINnNsqXrbu3mJdhGeql5MpMesp1HmFhy3u3S0UFZAnRIW94QlXsBlT8CZqYXpzeQ4zh-a1ial97IPFa3SeEkP5bsCIze5StU2sh-85MHQl-4SyNybCV0K5T81-5RpuSsy0vqmtua0bd6B8faKyFgxUOkQHxWBtRMIlQGa29iEWgPqD8x-BXrMFrBDAJgcP5MUc7gzt0YNA-bKP5pqrTGfoV8UrXLPpZ8riUMMx5eMGCqK5eda_hlCPaGQCgS1-KiR8jtAPWeJk-TFv92PH7dHvbUPu6QQxUvtv3pV3TD61N1JnKFz9rh4MYVHsadOubf-Z1M5sCMm9M_sh0aHqP22Ecg_HcyART8u_ymiVeI86UHH_3ZpVM8ogmudJ7mf6lXiYwB2HDEwkT937UpcZFFdkuoHMPTipbrJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a73cca35864b4483cfe8254337e6bcb5962961ef28d3d868bf7d09855a49048c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=9TmDE2jS7AYwZ2rhNErILmFhRLjmgN8xJJq0GhbyYIDXOvIcw-ofyze8Lx21UEuMDrkzr1npTfyvF40jo8CA1IXkFpli2pH2jYhKDEMftJBevHi5J56G1AJGsNWlp9P3PBKd_f_7q-ciiwlpN_6jkqfklKmEr9llyADANhhDs-2KGqd-pyuwMbcjSzdh3LG_exVcGYfrBhOVLrWUYZ4hK9yZwoqpH85NAAasTGBcw_383rBFpVNsVYiPCmDloO0PKmwINnNsqXrbu3mJdhGeql5MpMesp1HmFhy3u3S0UFZAnRIW94QlXsBlT8CZqYXpzeQ4zh-a1ial97IPFa3SeEkP5bsCIze5StU2sh-85MHQl-4SyNybCV0K5T81-5RpuSsy0vqmtua0bd6B8faKyFgxUOkQHxWBtRMIlQGa29iEWgPqD8x-BXrMFrBDAJgcP5MUc7gzt0YNA-bKP5pqrTGfoV8UrXLPpZ8riUMMx5eMGCqK5eda_hlCPaGQCgS1-KiR8jtAPWeJk-TFv92PH7dHvbUPu6QQxUvtv3pV3TD61N1JnKFz9rh4MYVHsadOubf-Z1M5sCMm9M_sh0aHqP22Ecg_HcyART8u_ymiVeI86UHH_3ZpVM8ogmudJ7mf6lXiYwB2HDEwkT937UpcZFFdkuoHMPTipbrJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABv; OXPCLK=AAHg4AAAAAAAAABv; ppucnt=111
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABw; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABw; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
ppucnt=112; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=9TmDE2jS7AYwZ2rhNErILmFhRLjmgN8xJJq0GhbyYIDXOvIcw-ofyze8Lx21UEuMDrkzr1npTfyvF40jo8CA1IXkFpli2pH2jYhKDEMftJBevHi5J56G1AJGsNWlp9P3PBKd_f_7q-ciiwlpN_6jkqfklKmEr9llyADANhhDs-2KGqd-pyuwMbcjSzdh3LG_exVcGYfrBhOVLrWUYZ4hK9yZwoqpH85NAAasTGBcw_383rBFpVNsVYiPCmDloO0PKmwINnNsqXrbu3mJdhGeql5MpMesp1HmFhy3u3S0UFZAnRIW94QlXsBlT8CZqYXpzeQ4zh-a1ial97IPFa3SeEkP5bsCIze5StU2sh-85MHQl-4SyNybCV0K5T81-5RpuSsy0vqmtua0bd6B8faKyFgxUOkQHxWBtRMIlQGa29iEWgPqD8x-BXrMFrBDAJgcP5MUc7gzt0YNA-bKP5pqrTGfoV8UrXLPpZ8riUMMx5eMGCqK5eda_hlCPaGQCgS1-KiR8jtAPWeJk-TFv92PH7dHvbUPu6QQxUvtv3pV3TD61N1JnKFz9rh4MYVHsadOubf-Z1M5sCMm9M_sh0aHqP22Ecg_HcyART8u_ymiVeI86UHH_3ZpVM8ogmudJ7mf6lXiYwB2HDEwkT937UpcZFFdkuoHMPTipbrJ&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b890b10f89ea44d0b1bf4d5d02&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bbc4088563e4f82c9235379dffdf5f8f11cbd3d9653f19040f376eed7db98c7b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABw; OXPCLK=AAHg4AAAAAAAAABw; ppucnt=112
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABw; OXPCLK=AAHg4AAAAAAAAABw; ppucnt=112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=pp6YMcZxuZsGXknjC-Z2RP756buqYsyNCPuKsj64i741wUfAgUWUMwZ_vxd9HYcqfFHmTq07tL5kE-AFVjwr7zOfHA3DLYHzO7p3nU8qjWkY0fM6VcRWnAesbkKBvwSvIZkRflT4UsvysH5ad4vBtdFXpySImP5hLbqvl4n8IjLXCwE6HrWCSq8vEXkAkHgO35cy3rA1AfPfPNcfmyx4zSPu-ofNhE4xx7lkbuCnDB9KVp75nFLRIFM00buDFjKGkROd7hMYta-UrSibiXsBv5ONmPHr396__DM_zfi51embO7zV3-5dp_rJ0XZAc5wsavZTg2CdKrjiQt30b5_d65YxNyVa3R1Nf-HZxXAWexkaI2-SYNW0cHDkhCQUJ6evZjPrvPrjD3pb1bz5NHhcxdPRIi1FUIM9ZSzJiwkVqXZa6_iz6yOoh6kYoqWCE2GhGVzcdcARzs_RZLMaM96mlTkcMn2k0T43k2CbGJ2kJMEXtEmyQNg7VQlOMEc_VyoEqQZRmxwFLtX7jG1y8wt0bkuUrwlMyHGkrjjFhr_DS3EETmoswXrklJQdtHuurrQ3XlvA7Tbu5iSgS8NbDQTG3zCPPy04ErEQu7dAQIKizcpW_ktLZIpZ_pLz0pWyKukL26ciA2n0qWRTptpC927pWbOH76sA3Ae23Lei&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=pp6YMcZxuZsGXknjC-Z2RP756buqYsyNCPuKsj64i741wUfAgUWUMwZ_vxd9HYcqfFHmTq07tL5kE-AFVjwr7zOfHA3DLYHzO7p3nU8qjWkY0fM6VcRWnAesbkKBvwSvIZkRflT4UsvysH5ad4vBtdFXpySImP5hLbqvl4n8IjLXCwE6HrWCSq8vEXkAkHgO35cy3rA1AfPfPNcfmyx4zSPu-ofNhE4xx7lkbuCnDB9KVp75nFLRIFM00buDFjKGkROd7hMYta-UrSibiXsBv5ONmPHr396__DM_zfi51embO7zV3-5dp_rJ0XZAc5wsavZTg2CdKrjiQt30b5_d65YxNyVa3R1Nf-HZxXAWexkaI2-SYNW0cHDkhCQUJ6evZjPrvPrjD3pb1bz5NHhcxdPRIi1FUIM9ZSzJiwkVqXZa6_iz6yOoh6kYoqWCE2GhGVzcdcARzs_RZLMaM96mlTkcMn2k0T43k2CbGJ2kJMEXtEmyQNg7VQlOMEc_VyoEqQZRmxwFLtX7jG1y8wt0bkuUrwlMyHGkrjjFhr_DS3EETmoswXrklJQdtHuurrQ3XlvA7Tbu5iSgS8NbDQTG3zCPPy04ErEQu7dAQIKizcpW_ktLZIpZ_pLz0pWyKukL26ciA2n0qWRTptpC927pWbOH76sA3Ae23Lei&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABw; OXPCLK=AAHg4AAAAAAAAABw; ppucnt=112
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABx; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
OXPCLK=AAHg4AAAAAAAAABx; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
ppucnt=113; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=pp6YMcZxuZsGXknjC-Z2RP756buqYsyNCPuKsj64i741wUfAgUWUMwZ_vxd9HYcqfFHmTq07tL5kE-AFVjwr7zOfHA3DLYHzO7p3nU8qjWkY0fM6VcRWnAesbkKBvwSvIZkRflT4UsvysH5ad4vBtdFXpySImP5hLbqvl4n8IjLXCwE6HrWCSq8vEXkAkHgO35cy3rA1AfPfPNcfmyx4zSPu-ofNhE4xx7lkbuCnDB9KVp75nFLRIFM00buDFjKGkROd7hMYta-UrSibiXsBv5ONmPHr396__DM_zfi51embO7zV3-5dp_rJ0XZAc5wsavZTg2CdKrjiQt30b5_d65YxNyVa3R1Nf-HZxXAWexkaI2-SYNW0cHDkhCQUJ6evZjPrvPrjD3pb1bz5NHhcxdPRIi1FUIM9ZSzJiwkVqXZa6_iz6yOoh6kYoqWCE2GhGVzcdcARzs_RZLMaM96mlTkcMn2k0T43k2CbGJ2kJMEXtEmyQNg7VQlOMEc_VyoEqQZRmxwFLtX7jG1y8wt0bkuUrwlMyHGkrjjFhr_DS3EETmoswXrklJQdtHuurrQ3XlvA7Tbu5iSgS8NbDQTG3zCPPy04ErEQu7dAQIKizcpW_ktLZIpZ_pLz0pWyKukL26ciA2n0qWRTptpC927pWbOH76sA3Ae23Lei&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140592a98897692447f1b3ffea0a08&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bfcf169f8ab36f7ebc5fe25c121dac7fa22cfde79e76d197e48acbc0b66fb6a1

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABx; OXPCLK=AAHg4AAAAAAAAABx; ppucnt=113
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABx; OXPCLK=AAHg4AAAAAAAAABx; ppucnt=113
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=Uf35WQm4lLFFhlcL9YtF7od8hqzl2awL5ecQaotHyTxVP4oSJ-k_meiCKZDc-hEwTOK6ONIkbCxiHQyhtyljuW-9Dj4ooMBPkNie-5ltJsmfD1Ah_FIA2dqqd20yftTPW8GAEwsuvYYZhlM9iLrY-Nn3czbEtlOn2hSXmWyLsC0CQ5Dqn7-GFQoS5mDSIWQNpQ3pN5cpHTJVH9qGZTRrNsKFdR-4v8PXsro-QikIxtDnpUpzdilGdVth3l1umEbLQgXQNczTRl3L0LbvL6qaeg_CAZMiKlC6sJhfsBeRUwbA8KwS81vknBB5nbbL1ZACSFrJbXPPgbFqWebj_M-QQZNxwYhwa6EJ4EXCfPOsX-2zhj4RO4vw43L4mzHsYrJfrjzyLeqY1IF5r2O-G0kIOlLvPiorJ4L2zMTfK-tZf0HE-M7hcTVHCBDXYT2N1q7IciMaNUtrMg2WxiRQTHVAaXjdIWcVXLbKsnQrtHkAtWfwJpo8GGK0U4HWnx19UNOTgxZ9QsuSVlI_qQ2pGotYoLzE3NYfq6iamqDifPJBd-v4qs_DQDCQqDv5w8A6q6rpOksGe284Rw_2iXXYOYnhkDHFrd6SuE5b2EuYd4gJDwbKo7edGVEemSo-bJVhEAz582UyChj6NGnlwEOuxKkaDOFeYRZpXaFa6WWf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=Uf35WQm4lLFFhlcL9YtF7od8hqzl2awL5ecQaotHyTxVP4oSJ-k_meiCKZDc-hEwTOK6ONIkbCxiHQyhtyljuW-9Dj4ooMBPkNie-5ltJsmfD1Ah_FIA2dqqd20yftTPW8GAEwsuvYYZhlM9iLrY-Nn3czbEtlOn2hSXmWyLsC0CQ5Dqn7-GFQoS5mDSIWQNpQ3pN5cpHTJVH9qGZTRrNsKFdR-4v8PXsro-QikIxtDnpUpzdilGdVth3l1umEbLQgXQNczTRl3L0LbvL6qaeg_CAZMiKlC6sJhfsBeRUwbA8KwS81vknBB5nbbL1ZACSFrJbXPPgbFqWebj_M-QQZNxwYhwa6EJ4EXCfPOsX-2zhj4RO4vw43L4mzHsYrJfrjzyLeqY1IF5r2O-G0kIOlLvPiorJ4L2zMTfK-tZf0HE-M7hcTVHCBDXYT2N1q7IciMaNUtrMg2WxiRQTHVAaXjdIWcVXLbKsnQrtHkAtWfwJpo8GGK0U4HWnx19UNOTgxZ9QsuSVlI_qQ2pGotYoLzE3NYfq6iamqDifPJBd-v4qs_DQDCQqDv5w8A6q6rpOksGe284Rw_2iXXYOYnhkDHFrd6SuE5b2EuYd4gJDwbKo7edGVEemSo-bJVhEAz582UyChj6NGnlwEOuxKkaDOFeYRZpXaFa6WWf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABx; OXPCLK=AAHg4AAAAAAAAABx; ppucnt=113
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABy; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure OXPCLK=AAHg4AAAAAAAAABy; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure ppucnt=114; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=Uf35WQm4lLFFhlcL9YtF7od8hqzl2awL5ecQaotHyTxVP4oSJ-k_meiCKZDc-hEwTOK6ONIkbCxiHQyhtyljuW-9Dj4ooMBPkNie-5ltJsmfD1Ah_FIA2dqqd20yftTPW8GAEwsuvYYZhlM9iLrY-Nn3czbEtlOn2hSXmWyLsC0CQ5Dqn7-GFQoS5mDSIWQNpQ3pN5cpHTJVH9qGZTRrNsKFdR-4v8PXsro-QikIxtDnpUpzdilGdVth3l1umEbLQgXQNczTRl3L0LbvL6qaeg_CAZMiKlC6sJhfsBeRUwbA8KwS81vknBB5nbbL1ZACSFrJbXPPgbFqWebj_M-QQZNxwYhwa6EJ4EXCfPOsX-2zhj4RO4vw43L4mzHsYrJfrjzyLeqY1IF5r2O-G0kIOlLvPiorJ4L2zMTfK-tZf0HE-M7hcTVHCBDXYT2N1q7IciMaNUtrMg2WxiRQTHVAaXjdIWcVXLbKsnQrtHkAtWfwJpo8GGK0U4HWnx19UNOTgxZ9QsuSVlI_qQ2pGotYoLzE3NYfq6iamqDifPJBd-v4qs_DQDCQqDv5w8A6q6rpOksGe284Rw_2iXXYOYnhkDHFrd6SuE5b2EuYd4gJDwbKo7edGVEemSo-bJVhEAz582UyChj6NGnlwEOuxKkaDOFeYRZpXaFa6WWf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405281f140048644b16bcdc58dbea&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
de6ea94db980197048c5827c195fc820cfe25d95701b0092261d38bbb802ae98

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABy; OXPCLK=AAHg4AAAAAAAAABy; ppucnt=114
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABy; OXPCLK=AAHg4AAAAAAAAABy; ppucnt=114
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=jOTHZPz4YMo_N5xIqKOH0p-4g8HPnBihS7eEvdblVzDAz_as2oGjWtgSrozQtQ5yZTHx4vWGngtuYRspre8RLJ96KwMBw8ENice3OSYaqSyX4B1CQeNdyYOqBwb5WNQ6ywV-Ih004gRK0nQ2ke7vcLDR15mHRKDZKmNe-43esuaoxWQHnM8JS5F983-5_zyVbPIav7CiBIH5tVU0NOh5ykzuys0a_eKGbPzJRFkqKzlkGPeHprD5dGkF01B4HXp5-Os_sxCN4z-uk4m_eiTZwqfOd4SZlT1asbTIiL1tQFQY5CgBNo8q1PyQbWc5ug6nTtRfPDSOHfEbIJ_ubFElpAEa57E7IF_-OK2YtlNF0WorWDpZPyCWBPR-2aqLfvbXwAlDG5XSEWCmgHdsaPMsdutcSaHFTUVBn5oDSxs1A1Fs_BCzNyz3ZYbSS5aEk9q8Gr7o8I7MtxHBqoW7HcnOB7elZvXoClBvsNbthpoCLgO6W6Ln3mpCVn5MW_5IzeemshltSLPdLxYRNCbh5X6u2ooBd1Q_RDhsIERig-Wmvfepz4Zc8VPUb-nu-VLNPSTkeUuy0ePCasGEm16-F9VRAw4uxm2MvgvG_XzBSylHmuTJMNI1_Rzf3tddSEJrmsJsMwDpxs8h4UWA4XAGIpHd34VqPIICDZERyqPU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=jOTHZPz4YMo_N5xIqKOH0p-4g8HPnBihS7eEvdblVzDAz_as2oGjWtgSrozQtQ5yZTHx4vWGngtuYRspre8RLJ96KwMBw8ENice3OSYaqSyX4B1CQeNdyYOqBwb5WNQ6ywV-Ih004gRK0nQ2ke7vcLDR15mHRKDZKmNe-43esuaoxWQHnM8JS5F983-5_zyVbPIav7CiBIH5tVU0NOh5ykzuys0a_eKGbPzJRFkqKzlkGPeHprD5dGkF01B4HXp5-Os_sxCN4z-uk4m_eiTZwqfOd4SZlT1asbTIiL1tQFQY5CgBNo8q1PyQbWc5ug6nTtRfPDSOHfEbIJ_ubFElpAEa57E7IF_-OK2YtlNF0WorWDpZPyCWBPR-2aqLfvbXwAlDG5XSEWCmgHdsaPMsdutcSaHFTUVBn5oDSxs1A1Fs_BCzNyz3ZYbSS5aEk9q8Gr7o8I7MtxHBqoW7HcnOB7elZvXoClBvsNbthpoCLgO6W6Ln3mpCVn5MW_5IzeemshltSLPdLxYRNCbh5X6u2ooBd1Q_RDhsIERig-Wmvfepz4Zc8VPUb-nu-VLNPSTkeUuy0ePCasGEm16-F9VRAw4uxm2MvgvG_XzBSylHmuTJMNI1_Rzf3tddSEJrmsJsMwDpxs8h4UWA4XAGIpHd34VqPIICDZERyqPU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABy; OXPCLK=AAHg4AAAAAAAAABy; ppucnt=114
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAABz; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure OXPCLK=AAHg4AAAAAAAAABz; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure ppucnt=115; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=jOTHZPz4YMo_N5xIqKOH0p-4g8HPnBihS7eEvdblVzDAz_as2oGjWtgSrozQtQ5yZTHx4vWGngtuYRspre8RLJ96KwMBw8ENice3OSYaqSyX4B1CQeNdyYOqBwb5WNQ6ywV-Ih004gRK0nQ2ke7vcLDR15mHRKDZKmNe-43esuaoxWQHnM8JS5F983-5_zyVbPIav7CiBIH5tVU0NOh5ykzuys0a_eKGbPzJRFkqKzlkGPeHprD5dGkF01B4HXp5-Os_sxCN4z-uk4m_eiTZwqfOd4SZlT1asbTIiL1tQFQY5CgBNo8q1PyQbWc5ug6nTtRfPDSOHfEbIJ_ubFElpAEa57E7IF_-OK2YtlNF0WorWDpZPyCWBPR-2aqLfvbXwAlDG5XSEWCmgHdsaPMsdutcSaHFTUVBn5oDSxs1A1Fs_BCzNyz3ZYbSS5aEk9q8Gr7o8I7MtxHBqoW7HcnOB7elZvXoClBvsNbthpoCLgO6W6Ln3mpCVn5MW_5IzeemshltSLPdLxYRNCbh5X6u2ooBd1Q_RDhsIERig-Wmvfepz4Zc8VPUb-nu-VLNPSTkeUuy0ePCasGEm16-F9VRAw4uxm2MvgvG_XzBSylHmuTJMNI1_Rzf3tddSEJrmsJsMwDpxs8h4UWA4XAGIpHd34VqPIICDZERyqPU&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214058ac41c5cc0c747eaa48c64f8da&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e51c681daacb06bef71d1a924a0a7136c0eed109d66e1b9aa4f580300e6cc29d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABz; OXPCLK=AAHg4AAAAAAAAABz; ppucnt=115
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABz; OXPCLK=AAHg4AAAAAAAAABz; ppucnt=115
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=t_RblvhFlDIdc-F3UnxULkJEKqnYyRULQ7-_-fYuRr5l_58sKxf6Pm8lkaRn3_0CdEq1WYfSVruOmdmBd3K7KrtIIABogwdPFCkm7-rhX6RJ0X3rpSg5RVS48jbB9PwTg3UFRsa9BxotfRHF_Lw_3wMTRPPAX3TtkdqgKaziQA-GWQC46WFfIPH_H4Z4JubzFA1B6aiZZXTv8B_1pSrF1mq1C91jyKgXdsc-ElACf_pkDK5b90m6bQIQpnWcp5OBcA_iG4oBzmoPfuIZaBtwabcaiZrFXijgQWQikQnyS5GDmBvwdrnNqXSzRE4p-tPL_fY5pKfVHUh4kn7tSWMZcFdJPI45hV9BREg3z0LUuV-O93JtFta0v__bZoqq2qwtHQf7fKyPistiqwZw5piTnKrLOaNqDO_Lk_2VYa2IeiSf_wu6JlHRrbtwQKACU1El0Otxnz7fLNfZq0LCsZrrPmc98xkzvRP_yXa9rkIDv9Gen-h9rDm5GAQaGYlZFBlb3L98sT9TtKH_F-RYMrVkq26zezK0SzzpBi2sbSn3TqsclFfQebZoiq4bgOs8kASYp6r20BwqcqWQzNvkd5jE7-gCqP8M52egVdVeINOLn5QZDcR7RUgdgg6QPU_R_zue8isndw-GhkBoIKn_U6xnqfA4MFCep6VWjaNu&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5778aed852d2db6b2908c84cd144b3571eff543f862310ec9133636871d64f56

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=t_RblvhFlDIdc-F3UnxULkJEKqnYyRULQ7-_-fYuRr5l_58sKxf6Pm8lkaRn3_0CdEq1WYfSVruOmdmBd3K7KrtIIABogwdPFCkm7-rhX6RJ0X3rpSg5RVS48jbB9PwTg3UFRsa9BxotfRHF_Lw_3wMTRPPAX3TtkdqgKaziQA-GWQC46WFfIPH_H4Z4JubzFA1B6aiZZXTv8B_1pSrF1mq1C91jyKgXdsc-ElACf_pkDK5b90m6bQIQpnWcp5OBcA_iG4oBzmoPfuIZaBtwabcaiZrFXijgQWQikQnyS5GDmBvwdrnNqXSzRE4p-tPL_fY5pKfVHUh4kn7tSWMZcFdJPI45hV9BREg3z0LUuV-O93JtFta0v__bZoqq2qwtHQf7fKyPistiqwZw5piTnKrLOaNqDO_Lk_2VYa2IeiSf_wu6JlHRrbtwQKACU1El0Otxnz7fLNfZq0LCsZrrPmc98xkzvRP_yXa9rkIDv9Gen-h9rDm5GAQaGYlZFBlb3L98sT9TtKH_F-RYMrVkq26zezK0SzzpBi2sbSn3TqsclFfQebZoiq4bgOs8kASYp6r20BwqcqWQzNvkd5jE7-gCqP8M52egVdVeINOLn5QZDcR7RUgdgg6QPU_R_zue8isndw-GhkBoIKn_U6xnqfA4MFCep6VWjaNu&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAABz; OXPCLK=AAHg4AAAAAAAAABz; ppucnt=115
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB0; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB0; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
ppucnt=116; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:50 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=f4a68b8af1144060a004bc126097a4451631480750&psp=t_RblvhFlDIdc-F3UnxULkJEKqnYyRULQ7-_-fYuRr5l_58sKxf6Pm8lkaRn3_0CdEq1WYfSVruOmdmBd3K7KrtIIABogwdPFCkm7-rhX6RJ0X3rpSg5RVS48jbB9PwTg3UFRsa9BxotfRHF_Lw_3wMTRPPAX3TtkdqgKaziQA-GWQC46WFfIPH_H4Z4JubzFA1B6aiZZXTv8B_1pSrF1mq1C91jyKgXdsc-ElACf_pkDK5b90m6bQIQpnWcp5OBcA_iG4oBzmoPfuIZaBtwabcaiZrFXijgQWQikQnyS5GDmBvwdrnNqXSzRE4p-tPL_fY5pKfVHUh4kn7tSWMZcFdJPI45hV9BREg3z0LUuV-O93JtFta0v__bZoqq2qwtHQf7fKyPistiqwZw5piTnKrLOaNqDO_Lk_2VYa2IeiSf_wu6JlHRrbtwQKACU1El0Otxnz7fLNfZq0LCsZrrPmc98xkzvRP_yXa9rkIDv9Gen-h9rDm5GAQaGYlZFBlb3L98sT9TtKH_F-RYMrVkq26zezK0SzzpBi2sbSn3TqsclFfQebZoiq4bgOs8kASYp6r20BwqcqWQzNvkd5jE7-gCqP8M52egVdVeINOLn5QZDcR7RUgdgg6QPU_R_zue8isndw-GhkBoIKn_U6xnqfA4MFCep6VWjaNu&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140517cfbfac1c174566b46dc566a6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2d82498ad3a96b1f9831678664024df7250c5245980f7a384aad8dd1b7c570c4

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB0; OXPCLK=AAHg4AAAAAAAAAB0; ppucnt=116
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB0; OXPCLK=AAHg4AAAAAAAAAB0; ppucnt=116
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=ZY1a0Xtv6uZecpIfxJSXj8_833znFR2L58YCJaUztWDgkF-T3V3bZLmTv1OXteYfnwa4ojIZpgJ73rLt-JosE3_yYVfFWoc1XrrpWLnTyD8x_ddTIYBNqNGZ7LWr7vun3-cqvkjfc0SSdssWZOAl2A4JOt3lWAJKeFvsayQHlLNe8xO_UlUq0VLrDrz6nMn5uWmbzcgc_RXK-Ro_FdXbvFOyiGZdHkG26kkaWJFix2DlGG05Ih-6UdQoCLCLY_R9kofD31MF_xv4qSAlZbg5GYKv9vhb_rAo0BaaUOyxdd13pJDGWTmLBNWW9QML1vJM0udtMExMiwDrSDFJqt4wKlrCWWy27cyfTMI_7Xyc5jCbzRnQ6GBOjElUbLf9pTJb00hfbHvO3YcA45l7yGqQWW5sasjMBB-Z-2OAor8v0f1BI_nCbXMM33lHN29_DDS4v844hEPXkm-oFvudEJno1KplWUBpHEFkK3nSZH2ivqewMHCGGGKYyLW2wF5xWXN1WrS_sQwgDtv7z3p5r8oRejZLW4HML0vUos_QAMCnqJ9kfAyN0rbcrIDQEgPdhn4Qe1o5MIjO2eMd3Izv5QPcukHJ0J4JwyxyvvL8aFVzuP5ez40YjuqodIImddxPbk5mSRL0RdAPTgg3PVvAuFQoQiM6sKnB79mEgTr0&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6fce5bb7b932831a0a389bcfae614c6fc6375b10afb20e1242c8529c418fa49c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=ZY1a0Xtv6uZecpIfxJSXj8_833znFR2L58YCJaUztWDgkF-T3V3bZLmTv1OXteYfnwa4ojIZpgJ73rLt-JosE3_yYVfFWoc1XrrpWLnTyD8x_ddTIYBNqNGZ7LWr7vun3-cqvkjfc0SSdssWZOAl2A4JOt3lWAJKeFvsayQHlLNe8xO_UlUq0VLrDrz6nMn5uWmbzcgc_RXK-Ro_FdXbvFOyiGZdHkG26kkaWJFix2DlGG05Ih-6UdQoCLCLY_R9kofD31MF_xv4qSAlZbg5GYKv9vhb_rAo0BaaUOyxdd13pJDGWTmLBNWW9QML1vJM0udtMExMiwDrSDFJqt4wKlrCWWy27cyfTMI_7Xyc5jCbzRnQ6GBOjElUbLf9pTJb00hfbHvO3YcA45l7yGqQWW5sasjMBB-Z-2OAor8v0f1BI_nCbXMM33lHN29_DDS4v844hEPXkm-oFvudEJno1KplWUBpHEFkK3nSZH2ivqewMHCGGGKYyLW2wF5xWXN1WrS_sQwgDtv7z3p5r8oRejZLW4HML0vUos_QAMCnqJ9kfAyN0rbcrIDQEgPdhn4Qe1o5MIjO2eMd3Izv5QPcukHJ0J4JwyxyvvL8aFVzuP5ez40YjuqodIImddxPbk5mSRL0RdAPTgg3PVvAuFQoQiM6sKnB79mEgTr0&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB0; OXPCLK=AAHg4AAAAAAAAAB0; ppucnt=116
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB1; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB1; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=117; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=ZY1a0Xtv6uZecpIfxJSXj8_833znFR2L58YCJaUztWDgkF-T3V3bZLmTv1OXteYfnwa4ojIZpgJ73rLt-JosE3_yYVfFWoc1XrrpWLnTyD8x_ddTIYBNqNGZ7LWr7vun3-cqvkjfc0SSdssWZOAl2A4JOt3lWAJKeFvsayQHlLNe8xO_UlUq0VLrDrz6nMn5uWmbzcgc_RXK-Ro_FdXbvFOyiGZdHkG26kkaWJFix2DlGG05Ih-6UdQoCLCLY_R9kofD31MF_xv4qSAlZbg5GYKv9vhb_rAo0BaaUOyxdd13pJDGWTmLBNWW9QML1vJM0udtMExMiwDrSDFJqt4wKlrCWWy27cyfTMI_7Xyc5jCbzRnQ6GBOjElUbLf9pTJb00hfbHvO3YcA45l7yGqQWW5sasjMBB-Z-2OAor8v0f1BI_nCbXMM33lHN29_DDS4v844hEPXkm-oFvudEJno1KplWUBpHEFkK3nSZH2ivqewMHCGGGKYyLW2wF5xWXN1WrS_sQwgDtv7z3p5r8oRejZLW4HML0vUos_QAMCnqJ9kfAyN0rbcrIDQEgPdhn4Qe1o5MIjO2eMd3Izv5QPcukHJ0J4JwyxyvvL8aFVzuP5ez40YjuqodIImddxPbk5mSRL0RdAPTgg3PVvAuFQoQiM6sKnB79mEgTr0&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c20ea7f4baba448588101c0e4c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6dafce184ff8d6ffaad8d1619e097f9cd754131d0283da2ca40e7c383a3b95c2

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB1; OXPCLK=AAHg4AAAAAAAAAB1; ppucnt=117
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB1; OXPCLK=AAHg4AAAAAAAAAB1; ppucnt=117
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=ELFtLdDWFFSoC5dKBYlkTQJqDTnrfDASP9GA27FGIdOnjsa7H9W4sfPclmyoBO4lj_90BfE8qhYFWalQi-j0LN-VtFp1vdn6jJ20sVnwz570Mw236wX-IEpLfquDT_S5S10Vh04u7OxZfSwY0usFrQE4BD6dSa-MuzioHwxadIO6VrGP5QlzMl9rkHC5A6CK3B9dd7rRFQsuJBqiQZN41lvsOx5MFuxAOZ6MnACjF29GnXM4Y7XBcFqvp4kcGM9nOVuIrWN0wghY4Tdotxr6AbbfVM6ibVNSsCfOCE5VG_887s9PdAUxtah63n4tjCIX7sROKd45I0goi1UoioWMimPGLETC21BuCHDDagxdjewxNAzRZ5yiXaJtJ5QG-f0bN-rmqhVc1Lx6ETpRYOiB80hg12mqz4S96JFM7oC-ntIQ1VY2oLOmRkIZTC1mJW0mqhb9gGc044AIMDJ035pJjT_3ECdh6qpS_RaGsIRtLGYKcUlbvPp0aag9MyCABdu742tGVCwl4OBZTPT_Hp74FaRfAsJPQOMek8hJ1Cr-TZU9MIV-WR05f_EyjmpgX7YXXnJxXmTPzTRAhemR7ryPztGKZKnl0ujgH2BoXoG5VaVcb0gqZEjceEMFMS3wkUrDTHiXMipH6gVHcpzR21bO09Oy27z1FYjyZ45l&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
462a10c1fc21f13264b5eeb10aceca984c246493dfd2bd59ed1ab5d9674d600d

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=ELFtLdDWFFSoC5dKBYlkTQJqDTnrfDASP9GA27FGIdOnjsa7H9W4sfPclmyoBO4lj_90BfE8qhYFWalQi-j0LN-VtFp1vdn6jJ20sVnwz570Mw236wX-IEpLfquDT_S5S10Vh04u7OxZfSwY0usFrQE4BD6dSa-MuzioHwxadIO6VrGP5QlzMl9rkHC5A6CK3B9dd7rRFQsuJBqiQZN41lvsOx5MFuxAOZ6MnACjF29GnXM4Y7XBcFqvp4kcGM9nOVuIrWN0wghY4Tdotxr6AbbfVM6ibVNSsCfOCE5VG_887s9PdAUxtah63n4tjCIX7sROKd45I0goi1UoioWMimPGLETC21BuCHDDagxdjewxNAzRZ5yiXaJtJ5QG-f0bN-rmqhVc1Lx6ETpRYOiB80hg12mqz4S96JFM7oC-ntIQ1VY2oLOmRkIZTC1mJW0mqhb9gGc044AIMDJ035pJjT_3ECdh6qpS_RaGsIRtLGYKcUlbvPp0aag9MyCABdu742tGVCwl4OBZTPT_Hp74FaRfAsJPQOMek8hJ1Cr-TZU9MIV-WR05f_EyjmpgX7YXXnJxXmTPzTRAhemR7ryPztGKZKnl0ujgH2BoXoG5VaVcb0gqZEjceEMFMS3wkUrDTHiXMipH6gVHcpzR21bO09Oy27z1FYjyZ45l&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB1; OXPCLK=AAHg4AAAAAAAAAB1; ppucnt=117
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB2; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB2; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=118; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=ELFtLdDWFFSoC5dKBYlkTQJqDTnrfDASP9GA27FGIdOnjsa7H9W4sfPclmyoBO4lj_90BfE8qhYFWalQi-j0LN-VtFp1vdn6jJ20sVnwz570Mw236wX-IEpLfquDT_S5S10Vh04u7OxZfSwY0usFrQE4BD6dSa-MuzioHwxadIO6VrGP5QlzMl9rkHC5A6CK3B9dd7rRFQsuJBqiQZN41lvsOx5MFuxAOZ6MnACjF29GnXM4Y7XBcFqvp4kcGM9nOVuIrWN0wghY4Tdotxr6AbbfVM6ibVNSsCfOCE5VG_887s9PdAUxtah63n4tjCIX7sROKd45I0goi1UoioWMimPGLETC21BuCHDDagxdjewxNAzRZ5yiXaJtJ5QG-f0bN-rmqhVc1Lx6ETpRYOiB80hg12mqz4S96JFM7oC-ntIQ1VY2oLOmRkIZTC1mJW0mqhb9gGc044AIMDJ035pJjT_3ECdh6qpS_RaGsIRtLGYKcUlbvPp0aag9MyCABdu742tGVCwl4OBZTPT_Hp74FaRfAsJPQOMek8hJ1Cr-TZU9MIV-WR05f_EyjmpgX7YXXnJxXmTPzTRAhemR7ryPztGKZKnl0ujgH2BoXoG5VaVcb0gqZEjceEMFMS3wkUrDTHiXMipH6gVHcpzR21bO09Oy27z1FYjyZ45l&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c5e48701856e491fb4ad7d8e6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
68418bb766f7220df3b628fd3f429b1bd0205899cd34b7f4253a8508298ca7c9

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB2; OXPCLK=AAHg4AAAAAAAAAB2; ppucnt=118
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB2; OXPCLK=AAHg4AAAAAAAAAB2; ppucnt=118
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=YIFpMxfd0fpH-fE5Bt6wGgaAlgPAHtIwbjI0C8aWEnZBRhkuVsQmEf4Gmgsc_uj0RojqbdBpP8IR1JuBOBdGBm24KRzdwuZBcAsevfztNDfBchiQlwqJfnaoBcbr1nZIB_YOWpxpBZK_7Qpu_sLBAyUZ5FvdOTLaNae0DLaQKCHbatDG-8ggGb4bP_PCo61xl9XF0Ql_xTu5HnzhqU9WBWBhNsJvAew85Z6OWV7ux1Qghe3IfxCf93fC7FGGcU40wpcgGjs0ezm5hywXrgWzHwvJPkHTdsoZpJ2QZM8QFP9j10FAGfG0sf48khCu_C9lQvYSN0lCeQs5VFfAJ04PgXJE-QOHhDHXO_0SEuiUMtZD333Q_h_iQwzLHebrvBTZdUIqk7VEqyurqAZEmZH4tNT3dst_dl6rVHLMCXOasAW11egeidaNBxNr0QhdY7GqdKxwZC_JRK937GZSDlNUSzPYcbbLootQcavM-Dq7PuWD5OXX7yndZYQZ8JXu-3Q6c3Qs7c77zeDKCS9s4k0pW1N2SSSeiVEoo1bGfZKwAAiqXwRg6ZT1MuHVMW9yjAV4JEMyj9PK0FPs1sdTJxJ-W_mmo9M4FApRVftUT8ecdZDBG_CsKb2wdpaMe59EiyQxP9OHV9PtOnC-3IlmTS8w9sk8XwPILFkMYpYv&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bbe46f6b53d9fc8d9d286d0914857f79413b7669d44b4d210d614421ee394124

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=YIFpMxfd0fpH-fE5Bt6wGgaAlgPAHtIwbjI0C8aWEnZBRhkuVsQmEf4Gmgsc_uj0RojqbdBpP8IR1JuBOBdGBm24KRzdwuZBcAsevfztNDfBchiQlwqJfnaoBcbr1nZIB_YOWpxpBZK_7Qpu_sLBAyUZ5FvdOTLaNae0DLaQKCHbatDG-8ggGb4bP_PCo61xl9XF0Ql_xTu5HnzhqU9WBWBhNsJvAew85Z6OWV7ux1Qghe3IfxCf93fC7FGGcU40wpcgGjs0ezm5hywXrgWzHwvJPkHTdsoZpJ2QZM8QFP9j10FAGfG0sf48khCu_C9lQvYSN0lCeQs5VFfAJ04PgXJE-QOHhDHXO_0SEuiUMtZD333Q_h_iQwzLHebrvBTZdUIqk7VEqyurqAZEmZH4tNT3dst_dl6rVHLMCXOasAW11egeidaNBxNr0QhdY7GqdKxwZC_JRK937GZSDlNUSzPYcbbLootQcavM-Dq7PuWD5OXX7yndZYQZ8JXu-3Q6c3Qs7c77zeDKCS9s4k0pW1N2SSSeiVEoo1bGfZKwAAiqXwRg6ZT1MuHVMW9yjAV4JEMyj9PK0FPs1sdTJxJ-W_mmo9M4FApRVftUT8ecdZDBG_CsKb2wdpaMe59EiyQxP9OHV9PtOnC-3IlmTS8w9sk8XwPILFkMYpYv&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB2; OXPCLK=AAHg4AAAAAAAAAB2; ppucnt=118
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB3; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB3; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=119; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=YIFpMxfd0fpH-fE5Bt6wGgaAlgPAHtIwbjI0C8aWEnZBRhkuVsQmEf4Gmgsc_uj0RojqbdBpP8IR1JuBOBdGBm24KRzdwuZBcAsevfztNDfBchiQlwqJfnaoBcbr1nZIB_YOWpxpBZK_7Qpu_sLBAyUZ5FvdOTLaNae0DLaQKCHbatDG-8ggGb4bP_PCo61xl9XF0Ql_xTu5HnzhqU9WBWBhNsJvAew85Z6OWV7ux1Qghe3IfxCf93fC7FGGcU40wpcgGjs0ezm5hywXrgWzHwvJPkHTdsoZpJ2QZM8QFP9j10FAGfG0sf48khCu_C9lQvYSN0lCeQs5VFfAJ04PgXJE-QOHhDHXO_0SEuiUMtZD333Q_h_iQwzLHebrvBTZdUIqk7VEqyurqAZEmZH4tNT3dst_dl6rVHLMCXOasAW11egeidaNBxNr0QhdY7GqdKxwZC_JRK937GZSDlNUSzPYcbbLootQcavM-Dq7PuWD5OXX7yndZYQZ8JXu-3Q6c3Qs7c77zeDKCS9s4k0pW1N2SSSeiVEoo1bGfZKwAAiqXwRg6ZT1MuHVMW9yjAV4JEMyj9PK0FPs1sdTJxJ-W_mmo9M4FApRVftUT8ecdZDBG_CsKb2wdpaMe59EiyQxP9OHV9PtOnC-3IlmTS8w9sk8XwPILFkMYpYv&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405eb2f6d8945054766bd381a9b65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9db7cef46d1102b7faa030fff4f335190a1065bbd8fd6220fad139850752ed2f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB3; OXPCLK=AAHg4AAAAAAAAAB3; ppucnt=119
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB3; OXPCLK=AAHg4AAAAAAAAAB3; ppucnt=119
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=Bi6KaktGtkLkFpNLWfAsLlcwP0jnPBSp_uLAFcIcXBz1-aoI6ioEVX4xWKkYA3zr4I0E-AKsDoXoMcrfLfRqC2plX08KOMOM5ZUJV16qaafpv6g1VXIq5xfuJ4iza_9GbUiAekTUgFLhAMBUPoGnRVONE3IleuNUp9Yvy7YQBuiPXxWNfEBvweN-_PYLNtfoHw7T--bNtYnuJXsWsa-IUpF-4j1HzkKRDrx_kpHX37Ctje1P-r2KC2i7zVNu2m9qV2u6lk9cMqVE_fdeC_hfBMBbNNkJerFMvMIaajlXS8lQvmGegk-awMpZPbGbvt1Gydnpa9Tq_UuYzmeUmsQm6N3uhme-yQVZpokI6Rg8P2KuadF4-q1jbdpsGSIKxmHsQGJmfC25Ss3AkikvYhj1I1YOD8OUKY_U79-Y7hLwO49SD7HvwTSvLOGVWSIQvkD-h70jDVgpAq2tZZ25Bp0MQlnoQ0KvcLfhugpTHzBc084n-XlZzIa_Wb7M2KuILoGUpod0hwlfs-TjREFsCESGAdSPo-kO4DPBD6rzJR57rlgba3HugAMLmAEDh53Voqobp4ICVcJpeneNbU4AhUiv4TMkhdripmH03Vd2WSd9lIkLH6N66aInp3AjlU_MzGCnaZm_C1JoEzfYh9yFInPkVvLy8HMfFssos4BT&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
704f46b4616c4d99c91ea8bc6a8abc1d88efbdb436e5b3d77bb684c8ad2631f7

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=Bi6KaktGtkLkFpNLWfAsLlcwP0jnPBSp_uLAFcIcXBz1-aoI6ioEVX4xWKkYA3zr4I0E-AKsDoXoMcrfLfRqC2plX08KOMOM5ZUJV16qaafpv6g1VXIq5xfuJ4iza_9GbUiAekTUgFLhAMBUPoGnRVONE3IleuNUp9Yvy7YQBuiPXxWNfEBvweN-_PYLNtfoHw7T--bNtYnuJXsWsa-IUpF-4j1HzkKRDrx_kpHX37Ctje1P-r2KC2i7zVNu2m9qV2u6lk9cMqVE_fdeC_hfBMBbNNkJerFMvMIaajlXS8lQvmGegk-awMpZPbGbvt1Gydnpa9Tq_UuYzmeUmsQm6N3uhme-yQVZpokI6Rg8P2KuadF4-q1jbdpsGSIKxmHsQGJmfC25Ss3AkikvYhj1I1YOD8OUKY_U79-Y7hLwO49SD7HvwTSvLOGVWSIQvkD-h70jDVgpAq2tZZ25Bp0MQlnoQ0KvcLfhugpTHzBc084n-XlZzIa_Wb7M2KuILoGUpod0hwlfs-TjREFsCESGAdSPo-kO4DPBD6rzJR57rlgba3HugAMLmAEDh53Voqobp4ICVcJpeneNbU4AhUiv4TMkhdripmH03Vd2WSd9lIkLH6N66aInp3AjlU_MzGCnaZm_C1JoEzfYh9yFInPkVvLy8HMfFssos4BT&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB3; OXPCLK=AAHg4AAAAAAAAAB3; ppucnt=119
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB4; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB4; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=120; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=Bi6KaktGtkLkFpNLWfAsLlcwP0jnPBSp_uLAFcIcXBz1-aoI6ioEVX4xWKkYA3zr4I0E-AKsDoXoMcrfLfRqC2plX08KOMOM5ZUJV16qaafpv6g1VXIq5xfuJ4iza_9GbUiAekTUgFLhAMBUPoGnRVONE3IleuNUp9Yvy7YQBuiPXxWNfEBvweN-_PYLNtfoHw7T--bNtYnuJXsWsa-IUpF-4j1HzkKRDrx_kpHX37Ctje1P-r2KC2i7zVNu2m9qV2u6lk9cMqVE_fdeC_hfBMBbNNkJerFMvMIaajlXS8lQvmGegk-awMpZPbGbvt1Gydnpa9Tq_UuYzmeUmsQm6N3uhme-yQVZpokI6Rg8P2KuadF4-q1jbdpsGSIKxmHsQGJmfC25Ss3AkikvYhj1I1YOD8OUKY_U79-Y7hLwO49SD7HvwTSvLOGVWSIQvkD-h70jDVgpAq2tZZ25Bp0MQlnoQ0KvcLfhugpTHzBc084n-XlZzIa_Wb7M2KuILoGUpod0hwlfs-TjREFsCESGAdSPo-kO4DPBD6rzJR57rlgba3HugAMLmAEDh53Voqobp4ICVcJpeneNbU4AhUiv4TMkhdripmH03Vd2WSd9lIkLH6N66aInp3AjlU_MzGCnaZm_C1JoEzfYh9yFInPkVvLy8HMfFssos4BT&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405768aa9743eb746fdaf84d94dff&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e5c31812ab0ddc542ad56fc3a061b0dfb352070d034fa5a02b26347211a3f3ad

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB4; OXPCLK=AAHg4AAAAAAAAAB4; ppucnt=120
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB4; OXPCLK=AAHg4AAAAAAAAAB4; ppucnt=120
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=JDvF7LMiWiv8VcqMgGLULra799k6QiIEUMhDurwYkMexuJZPEolbfLxGidFauhtc_YdJGsgB15WpGu_dP3fC6ID_eOF18FXCjRs906cRqzrnMNAT_eIqspSUbymja84ZhzTpO0eIhbkEBZOwjms7epI5aAeQW7tJCK5Mim7_eXvDdoCsRbZ8mLcJorEsiU9kXTrM4KbwfzClvMX7YD6VyiuBXw8cHgohWQ5emoT1IQHUJq7c42eEdGBbsOjy6ke_Xzl-xkaZIkeWqzyopHXLfhuDParpFVxP_auv7DO35lQJrQ_FgifUwDhg0890zTaHBuBWiYraUBsqtHG1oLxcErCYU9xumiBKcKqF6qoQx6168uqjvmylHhrdOOKBowOnG7jKc78na4lkEmzzqYV29_1-ohHyJ3BP_pLHa5h53BXdF0nZw2avLf46Rg-y-NG-KsC6GaOLTxeDZorgwJHqkVbFYCm6kcQeY_fGkjjDhyYUPnVfXJJT7K4l_rrc3ev58RYPwH742OcrSOxm2E3awrnUVBwQXC8seMzw1tUdvR7UgGe0BVzlXH7hm64BmolQUs8G5GG39ar_rkAoYj1hacEQHWB33CYeZCl-saZleSR4FD8O6-64-vaT38qflMV6MAs-xZJ50Q66H-sXHUfXspmySLwpnLdRVeOO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
23af4464dd871c9c99df07f515ea30e136a865579887d567e0dda98976eb068f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=JDvF7LMiWiv8VcqMgGLULra799k6QiIEUMhDurwYkMexuJZPEolbfLxGidFauhtc_YdJGsgB15WpGu_dP3fC6ID_eOF18FXCjRs906cRqzrnMNAT_eIqspSUbymja84ZhzTpO0eIhbkEBZOwjms7epI5aAeQW7tJCK5Mim7_eXvDdoCsRbZ8mLcJorEsiU9kXTrM4KbwfzClvMX7YD6VyiuBXw8cHgohWQ5emoT1IQHUJq7c42eEdGBbsOjy6ke_Xzl-xkaZIkeWqzyopHXLfhuDParpFVxP_auv7DO35lQJrQ_FgifUwDhg0890zTaHBuBWiYraUBsqtHG1oLxcErCYU9xumiBKcKqF6qoQx6168uqjvmylHhrdOOKBowOnG7jKc78na4lkEmzzqYV29_1-ohHyJ3BP_pLHa5h53BXdF0nZw2avLf46Rg-y-NG-KsC6GaOLTxeDZorgwJHqkVbFYCm6kcQeY_fGkjjDhyYUPnVfXJJT7K4l_rrc3ev58RYPwH742OcrSOxm2E3awrnUVBwQXC8seMzw1tUdvR7UgGe0BVzlXH7hm64BmolQUs8G5GG39ar_rkAoYj1hacEQHWB33CYeZCl-saZleSR4FD8O6-64-vaT38qflMV6MAs-xZJ50Q66H-sXHUfXspmySLwpnLdRVeOO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB4; OXPCLK=AAHg4AAAAAAAAAB4; ppucnt=120
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB5; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB5; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=121; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=JDvF7LMiWiv8VcqMgGLULra799k6QiIEUMhDurwYkMexuJZPEolbfLxGidFauhtc_YdJGsgB15WpGu_dP3fC6ID_eOF18FXCjRs906cRqzrnMNAT_eIqspSUbymja84ZhzTpO0eIhbkEBZOwjms7epI5aAeQW7tJCK5Mim7_eXvDdoCsRbZ8mLcJorEsiU9kXTrM4KbwfzClvMX7YD6VyiuBXw8cHgohWQ5emoT1IQHUJq7c42eEdGBbsOjy6ke_Xzl-xkaZIkeWqzyopHXLfhuDParpFVxP_auv7DO35lQJrQ_FgifUwDhg0890zTaHBuBWiYraUBsqtHG1oLxcErCYU9xumiBKcKqF6qoQx6168uqjvmylHhrdOOKBowOnG7jKc78na4lkEmzzqYV29_1-ohHyJ3BP_pLHa5h53BXdF0nZw2avLf46Rg-y-NG-KsC6GaOLTxeDZorgwJHqkVbFYCm6kcQeY_fGkjjDhyYUPnVfXJJT7K4l_rrc3ev58RYPwH742OcrSOxm2E3awrnUVBwQXC8seMzw1tUdvR7UgGe0BVzlXH7hm64BmolQUs8G5GG39ar_rkAoYj1hacEQHWB33CYeZCl-saZleSR4FD8O6-64-vaT38qflMV6MAs-xZJ50Q66H-sXHUfXspmySLwpnLdRVeOO&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405e89a876e790a41998777989a46&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
af082ab549b3de21ede5c7de1377b553aaac844abcb7395d8b94ff65e30f4bad

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB5; OXPCLK=AAHg4AAAAAAAAAB5; ppucnt=121
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB5; OXPCLK=AAHg4AAAAAAAAAB5; ppucnt=121
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=fHYRpsxuz2GJEIsiyGIjreBtyRwktBybTAetrbdjSXgLRGLtZsUf5ETw6Lr-UsQhnsWw_smTwKzpDsBTqPaFTC0jb50q95o9lfXvYZkj2wYQpXsNepI6TDr7b0Xeo2ZvCXj-d37LycChA_WM8qxxpKAFNTi4nqJ1cSDtKKPxU77SeTLD4JC4PQh_6DNPRhE0UDjZ_imOMvp84uNTtBxrEFoPrg5N54IShwjNjm3Ycvhzg6dyo8wXmUNZeaJnV5yb2klRa3CgaylanG2s5gWjXzfyrLV-rzelfYlzhpZZJFeY9R2XxR6tYCpJkWbjcBABb6UiecOIr5FSdFjpuBpyzMq6zzjdv8K8ERiPv27rRBxDWGP4UvoMklr2vSUcZPaVEz79YzKiwD_69MuUddc6ZdyZmJZo4K0_ouLQderlJGlzYjWAY5D3rm219lUFIu5BxWksApzRxUfjY17Ey3iNrwAdYSSACtds7ddpB4qRsKOG_2EzV0lk9ifVHYS6xuZfHqgqJUiUGojZs9xfGkn_OCDEkVkpzabn-wY7OfZ-a25eGMjHbzv6KgAsDHA1h_Jli2_ADeWrxlGD_vqXEfXnrZXiVHm-J_iSRgHPP6sCfR_Uwm0C_jawCTlR-QW22jROVwvT8OryZ0T9g_oAY5Y_Pf546vbJA6Dvx1ms&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
241991d920bb7e90cd868e8ff1c4bc15e9b8fa54c5cb3cfe513f3f54bd115c19

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=fHYRpsxuz2GJEIsiyGIjreBtyRwktBybTAetrbdjSXgLRGLtZsUf5ETw6Lr-UsQhnsWw_smTwKzpDsBTqPaFTC0jb50q95o9lfXvYZkj2wYQpXsNepI6TDr7b0Xeo2ZvCXj-d37LycChA_WM8qxxpKAFNTi4nqJ1cSDtKKPxU77SeTLD4JC4PQh_6DNPRhE0UDjZ_imOMvp84uNTtBxrEFoPrg5N54IShwjNjm3Ycvhzg6dyo8wXmUNZeaJnV5yb2klRa3CgaylanG2s5gWjXzfyrLV-rzelfYlzhpZZJFeY9R2XxR6tYCpJkWbjcBABb6UiecOIr5FSdFjpuBpyzMq6zzjdv8K8ERiPv27rRBxDWGP4UvoMklr2vSUcZPaVEz79YzKiwD_69MuUddc6ZdyZmJZo4K0_ouLQderlJGlzYjWAY5D3rm219lUFIu5BxWksApzRxUfjY17Ey3iNrwAdYSSACtds7ddpB4qRsKOG_2EzV0lk9ifVHYS6xuZfHqgqJUiUGojZs9xfGkn_OCDEkVkpzabn-wY7OfZ-a25eGMjHbzv6KgAsDHA1h_Jli2_ADeWrxlGD_vqXEfXnrZXiVHm-J_iSRgHPP6sCfR_Uwm0C_jawCTlR-QW22jROVwvT8OryZ0T9g_oAY5Y_Pf546vbJA6Dvx1ms&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB5; OXPCLK=AAHg4AAAAAAAAAB5; ppucnt=121
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB6; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB6; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=122; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=fHYRpsxuz2GJEIsiyGIjreBtyRwktBybTAetrbdjSXgLRGLtZsUf5ETw6Lr-UsQhnsWw_smTwKzpDsBTqPaFTC0jb50q95o9lfXvYZkj2wYQpXsNepI6TDr7b0Xeo2ZvCXj-d37LycChA_WM8qxxpKAFNTi4nqJ1cSDtKKPxU77SeTLD4JC4PQh_6DNPRhE0UDjZ_imOMvp84uNTtBxrEFoPrg5N54IShwjNjm3Ycvhzg6dyo8wXmUNZeaJnV5yb2klRa3CgaylanG2s5gWjXzfyrLV-rzelfYlzhpZZJFeY9R2XxR6tYCpJkWbjcBABb6UiecOIr5FSdFjpuBpyzMq6zzjdv8K8ERiPv27rRBxDWGP4UvoMklr2vSUcZPaVEz79YzKiwD_69MuUddc6ZdyZmJZo4K0_ouLQderlJGlzYjWAY5D3rm219lUFIu5BxWksApzRxUfjY17Ey3iNrwAdYSSACtds7ddpB4qRsKOG_2EzV0lk9ifVHYS6xuZfHqgqJUiUGojZs9xfGkn_OCDEkVkpzabn-wY7OfZ-a25eGMjHbzv6KgAsDHA1h_Jli2_ADeWrxlGD_vqXEfXnrZXiVHm-J_iSRgHPP6sCfR_Uwm0C_jawCTlR-QW22jROVwvT8OryZ0T9g_oAY5Y_Pf546vbJA6Dvx1ms&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405b29b6e6871cc4d4ba644163ae2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
45b5557d7be639022571bde818c858fc325b98da1f332be1cb98d2fc66484839

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB6; OXPCLK=AAHg4AAAAAAAAAB6; ppucnt=122
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB6; OXPCLK=AAHg4AAAAAAAAAB6; ppucnt=122
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=o3eEMY5QlaPs9MxWXBq_bwj5dxekOj0V0aTsd5rLYLLk7rlWTTjWTcK52nHf1GoM3zLjt51ohKhd-MPJfkTaP52k_KOftRwlBbEorcY6tR68PqSC7Zx3_HMPJml7eZX-9rzxI09MueuXzhnOLt-b_YflvMZQlFGRqwyY7r2oJiff2Ytqn4zT3KBvqSSj_A_fdwIXIomOF--KZ7bDtYEqCfVmkLZpA0BIYColGKmfBe27Q23I-ZUoHw-6t_lpl5ctm52vnVUFimhB4y9lieOxzSk39zJmDMUIpoqP6DUVGH_mtNaLQwIOKWjFZgZNLvke2e6lugJY-PosdxXjmB3B5kfMfCXhtq4WJBDyPbsepdyTEtLjylmGS06E3dvwpvSLZ3ZC9VuPhKxS0LeFh163D3fqmHwZjItbLyetksXlHLxrrzWf24xRr8SK8DrAVeGPJnJ_6xZE1h9Cak8HbCJF2HlQX8KnElQg0vUgGh4Jce2pvrkPlB3PSt7l5EMcqOrvVqAyYslJ-ebgwXi4wYmuNkme4q6NAS0QrKhIlg_cCl4jdL3J4QDb2kpOfjapU8zZ6g4GWuB_rsTkQnWBqpwhdr6FMCAejGCNjQCNsPPU5zAec2Ql-kTbRcvrUsyT9TJQ3jXaB2kvGZx-uTNyW4w3jZsKa8LsHAengwv3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=o3eEMY5QlaPs9MxWXBq_bwj5dxekOj0V0aTsd5rLYLLk7rlWTTjWTcK52nHf1GoM3zLjt51ohKhd-MPJfkTaP52k_KOftRwlBbEorcY6tR68PqSC7Zx3_HMPJml7eZX-9rzxI09MueuXzhnOLt-b_YflvMZQlFGRqwyY7r2oJiff2Ytqn4zT3KBvqSSj_A_fdwIXIomOF--KZ7bDtYEqCfVmkLZpA0BIYColGKmfBe27Q23I-ZUoHw-6t_lpl5ctm52vnVUFimhB4y9lieOxzSk39zJmDMUIpoqP6DUVGH_mtNaLQwIOKWjFZgZNLvke2e6lugJY-PosdxXjmB3B5kfMfCXhtq4WJBDyPbsepdyTEtLjylmGS06E3dvwpvSLZ3ZC9VuPhKxS0LeFh163D3fqmHwZjItbLyetksXlHLxrrzWf24xRr8SK8DrAVeGPJnJ_6xZE1h9Cak8HbCJF2HlQX8KnElQg0vUgGh4Jce2pvrkPlB3PSt7l5EMcqOrvVqAyYslJ-ebgwXi4wYmuNkme4q6NAS0QrKhIlg_cCl4jdL3J4QDb2kpOfjapU8zZ6g4GWuB_rsTkQnWBqpwhdr6FMCAejGCNjQCNsPPU5zAec2Ql-kTbRcvrUsyT9TJQ3jXaB2kvGZx-uTNyW4w3jZsKa8LsHAengwv3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB6; OXPCLK=AAHg4AAAAAAAAAB6; ppucnt=122
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB7; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB7; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
ppucnt=123; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:51 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=1a51d3b4a6a68139f8f4c2ca9a52cfa01631480751&psp=o3eEMY5QlaPs9MxWXBq_bwj5dxekOj0V0aTsd5rLYLLk7rlWTTjWTcK52nHf1GoM3zLjt51ohKhd-MPJfkTaP52k_KOftRwlBbEorcY6tR68PqSC7Zx3_HMPJml7eZX-9rzxI09MueuXzhnOLt-b_YflvMZQlFGRqwyY7r2oJiff2Ytqn4zT3KBvqSSj_A_fdwIXIomOF--KZ7bDtYEqCfVmkLZpA0BIYColGKmfBe27Q23I-ZUoHw-6t_lpl5ctm52vnVUFimhB4y9lieOxzSk39zJmDMUIpoqP6DUVGH_mtNaLQwIOKWjFZgZNLvke2e6lugJY-PosdxXjmB3B5kfMfCXhtq4WJBDyPbsepdyTEtLjylmGS06E3dvwpvSLZ3ZC9VuPhKxS0LeFh163D3fqmHwZjItbLyetksXlHLxrrzWf24xRr8SK8DrAVeGPJnJ_6xZE1h9Cak8HbCJF2HlQX8KnElQg0vUgGh4Jce2pvrkPlB3PSt7l5EMcqOrvVqAyYslJ-ebgwXi4wYmuNkme4q6NAS0QrKhIlg_cCl4jdL3J4QDb2kpOfjapU8zZ6g4GWuB_rsTkQnWBqpwhdr6FMCAejGCNjQCNsPPU5zAec2Ql-kTbRcvrUsyT9TJQ3jXaB2kvGZx-uTNyW4w3jZsKa8LsHAengwv3&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405c2aebfcf8606436db7161b4ebb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c74b06399c326b2ba31648bb140d517770d02596329be65ab41d32064a83db06

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB7; OXPCLK=AAHg4AAAAAAAAAB7; ppucnt=123
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB7; OXPCLK=AAHg4AAAAAAAAAB7; ppucnt=123
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=93EfXJrNjFDMV-ond7-W_xM9x8s2snkBIJXMilKuo3Rk0iDNsxT0cEU631C204MsGdnMOBZ3BRitnscyYzVWpCvinexOZtshmWQLAf5bns7uWduZdJH-IXgQnOIRXsR5DKxX9mzZBGR6gjtCn3U-JlM7Em62oWZZgtY6TbbRgjD_cA40ShWi-d686d8OzumAuT3rrbrjUUFvX9BpVNW8kqVjGxWDb8OTdzq9vH3oTAls8JKTCgAExjIY7iWf5Mbs_mMyl95giZxawZuQXu1NyopKsyvDslxyZg3rzv9C87sNH2XwkGkj5ShBmXEz6sPG-XIyZWNPrNAYX9OtQZqWxHzqaVlmgEd0QAr9NyjbozbkYl2EM73i-197Bgm_3KZrnBLgMYvoVCMTrlW9hmQZZ-q_DwBxu3t-urS7rMSwr2TrJZpRijzT7861d7yBWwsuJ6i2_g-0R-3kHssWze0V6y3_dipL9h0LGxp5D-L1541hqVyB3TFNR13qhEh6ELrtx94aDcqP_rbIIxJOxnscZ3SKzE6CI89ZfLXIdeNqLHtFslQQghlDNnEef_cZsey73Qor38l51cNcZVZTzHJbES17q9u4LBhcD6qG9LfDV14Ev1FgF6F4Nw0K-wQGPYq_JVP4IxRSwsqSc4-R7k0CmBPeNvJIzlhiZb4v&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d74bad9b682df93d17880b88c82cce5495a66ff6b95353e67974f012a9760e3a

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=93EfXJrNjFDMV-ond7-W_xM9x8s2snkBIJXMilKuo3Rk0iDNsxT0cEU631C204MsGdnMOBZ3BRitnscyYzVWpCvinexOZtshmWQLAf5bns7uWduZdJH-IXgQnOIRXsR5DKxX9mzZBGR6gjtCn3U-JlM7Em62oWZZgtY6TbbRgjD_cA40ShWi-d686d8OzumAuT3rrbrjUUFvX9BpVNW8kqVjGxWDb8OTdzq9vH3oTAls8JKTCgAExjIY7iWf5Mbs_mMyl95giZxawZuQXu1NyopKsyvDslxyZg3rzv9C87sNH2XwkGkj5ShBmXEz6sPG-XIyZWNPrNAYX9OtQZqWxHzqaVlmgEd0QAr9NyjbozbkYl2EM73i-197Bgm_3KZrnBLgMYvoVCMTrlW9hmQZZ-q_DwBxu3t-urS7rMSwr2TrJZpRijzT7861d7yBWwsuJ6i2_g-0R-3kHssWze0V6y3_dipL9h0LGxp5D-L1541hqVyB3TFNR13qhEh6ELrtx94aDcqP_rbIIxJOxnscZ3SKzE6CI89ZfLXIdeNqLHtFslQQghlDNnEef_cZsey73Qor38l51cNcZVZTzHJbES17q9u4LBhcD6qG9LfDV14Ev1FgF6F4Nw0K-wQGPYq_JVP4IxRSwsqSc4-R7k0CmBPeNvJIzlhiZb4v&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB7; OXPCLK=AAHg4AAAAAAAAAB7; ppucnt=123

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB8; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB8; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
ppucnt=124; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=93EfXJrNjFDMV-ond7-W_xM9x8s2snkBIJXMilKuo3Rk0iDNsxT0cEU631C204MsGdnMOBZ3BRitnscyYzVWpCvinexOZtshmWQLAf5bns7uWduZdJH-IXgQnOIRXsR5DKxX9mzZBGR6gjtCn3U-JlM7Em62oWZZgtY6TbbRgjD_cA40ShWi-d686d8OzumAuT3rrbrjUUFvX9BpVNW8kqVjGxWDb8OTdzq9vH3oTAls8JKTCgAExjIY7iWf5Mbs_mMyl95giZxawZuQXu1NyopKsyvDslxyZg3rzv9C87sNH2XwkGkj5ShBmXEz6sPG-XIyZWNPrNAYX9OtQZqWxHzqaVlmgEd0QAr9NyjbozbkYl2EM73i-197Bgm_3KZrnBLgMYvoVCMTrlW9hmQZZ-q_DwBxu3t-urS7rMSwr2TrJZpRijzT7861d7yBWwsuJ6i2_g-0R-3kHssWze0V6y3_dipL9h0LGxp5D-L1541hqVyB3TFNR13qhEh6ELrtx94aDcqP_rbIIxJOxnscZ3SKzE6CI89ZfLXIdeNqLHtFslQQghlDNnEef_cZsey73Qor38l51cNcZVZTzHJbES17q9u4LBhcD6qG9LfDV14Ev1FgF6F4Nw0K-wQGPYq_JVP4IxRSwsqSc4-R7k0CmBPeNvJIzlhiZb4v&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214059c29e2b0a1e041138ef2a5e890&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
642f4f75bd6dc19049a88b62504d9636b7204aad6b85d5840c30061fd49144c6

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB8; OXPCLK=AAHg4AAAAAAAAAB8; ppucnt=124

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB8; OXPCLK=AAHg4AAAAAAAAAB8; ppucnt=124
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=5I5knLYFLxkGVr4iBAuTnViOuB1yOntin56OwH99LDMEQM-sFMQ9nCQwhP4C0TbCHLFdmf3COzuoTFAKUQsK5PmWFVhewPeiUUkHYDTpiQh7CG5LRSWmcEt58AGcYxovjcWFxNqVO2WSpQ8Z1aH5ZHvwoIv9Y9P7xxA4RwOcaob5vZxMhb-7WIu7NcvWvYl6U8CG-JC8aHf1IsSB_Rj-N0ES2gqRh4hSP9Fxosp7W-VwH9lfVquzS-yfQnzM2CPtwFirUkotGundu_Sds2HBUDRwqOK7GhkYJ3qfVwO_9mJxOz3JwDR12wmeYKeHqm7R2kd3nv3rn9vvoq8v2xxWOORfX1DG8KdR7wTaH0vY96ayqJ6IjfMNIY0ojw2faFkrTg2eZTWrhtGdsrhRruvkMKOGTnfa0DkqcZyMp7dflyRx4lrFVdXHlZFfDruaVJzO5RdkWc-qNsmIMBz4Pc18yPVHeXcNrSGhEu38BLpGY4TIFFwrcxOs5Dsvq_2XeHwD3pLJmMq8EaPki1ME_BG2nL2pZgH5l_7iOI2ZOF4Q7S0UxEGnXIY7I02NK0NXD1YBshTxuTHTd336lQR4fuojO8NDVg9QjsDfLDNSPIGCoifyXgK6_4yXo0k3qXvfqNa526uju6Wo8cobPuCaKsweB_4B7i3Kj94UI_6_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8d47eab6bd2d9fcc02ca1a5bef18da76d438852e486b3720e1456954a6a69c5b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=5I5knLYFLxkGVr4iBAuTnViOuB1yOntin56OwH99LDMEQM-sFMQ9nCQwhP4C0TbCHLFdmf3COzuoTFAKUQsK5PmWFVhewPeiUUkHYDTpiQh7CG5LRSWmcEt58AGcYxovjcWFxNqVO2WSpQ8Z1aH5ZHvwoIv9Y9P7xxA4RwOcaob5vZxMhb-7WIu7NcvWvYl6U8CG-JC8aHf1IsSB_Rj-N0ES2gqRh4hSP9Fxosp7W-VwH9lfVquzS-yfQnzM2CPtwFirUkotGundu_Sds2HBUDRwqOK7GhkYJ3qfVwO_9mJxOz3JwDR12wmeYKeHqm7R2kd3nv3rn9vvoq8v2xxWOORfX1DG8KdR7wTaH0vY96ayqJ6IjfMNIY0ojw2faFkrTg2eZTWrhtGdsrhRruvkMKOGTnfa0DkqcZyMp7dflyRx4lrFVdXHlZFfDruaVJzO5RdkWc-qNsmIMBz4Pc18yPVHeXcNrSGhEu38BLpGY4TIFFwrcxOs5Dsvq_2XeHwD3pLJmMq8EaPki1ME_BG2nL2pZgH5l_7iOI2ZOF4Q7S0UxEGnXIY7I02NK0NXD1YBshTxuTHTd336lQR4fuojO8NDVg9QjsDfLDNSPIGCoifyXgK6_4yXo0k3qXvfqNa526uju6Wo8cobPuCaKsweB_4B7i3Kj94UI_6_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB8; OXPCLK=AAHg4AAAAAAAAAB8; ppucnt=124

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB9; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB9; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
ppucnt=125; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=5I5knLYFLxkGVr4iBAuTnViOuB1yOntin56OwH99LDMEQM-sFMQ9nCQwhP4C0TbCHLFdmf3COzuoTFAKUQsK5PmWFVhewPeiUUkHYDTpiQh7CG5LRSWmcEt58AGcYxovjcWFxNqVO2WSpQ8Z1aH5ZHvwoIv9Y9P7xxA4RwOcaob5vZxMhb-7WIu7NcvWvYl6U8CG-JC8aHf1IsSB_Rj-N0ES2gqRh4hSP9Fxosp7W-VwH9lfVquzS-yfQnzM2CPtwFirUkotGundu_Sds2HBUDRwqOK7GhkYJ3qfVwO_9mJxOz3JwDR12wmeYKeHqm7R2kd3nv3rn9vvoq8v2xxWOORfX1DG8KdR7wTaH0vY96ayqJ6IjfMNIY0ojw2faFkrTg2eZTWrhtGdsrhRruvkMKOGTnfa0DkqcZyMp7dflyRx4lrFVdXHlZFfDruaVJzO5RdkWc-qNsmIMBz4Pc18yPVHeXcNrSGhEu38BLpGY4TIFFwrcxOs5Dsvq_2XeHwD3pLJmMq8EaPki1ME_BG2nL2pZgH5l_7iOI2ZOF4Q7S0UxEGnXIY7I02NK0NXD1YBshTxuTHTd336lQR4fuojO8NDVg9QjsDfLDNSPIGCoifyXgK6_4yXo0k3qXvfqNa526uju6Wo8cobPuCaKsweB_4B7i3Kj94UI_6_&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214052c92280deed947a9a2fd80618c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0955f9b0d893856e734132e169eec651be6834bf57c3b9d4c7587ae6fb7130a3

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB9; OXPCLK=AAHg4AAAAAAAAAB9; ppucnt=125

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB9; OXPCLK=AAHg4AAAAAAAAAB9; ppucnt=125
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
1000 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=WXm3XNZwBrxqdo6SrcY7mik4wmGKyEsvOdCV63pBJccFrAw1Ryu-PXd5FM1Ko2mKzA01lqXZUCZFyzU1RoD24LX9VxEWlWFPKQPqm6mT1xPRiHAAZDWucUK_I8a1zkJfoeIqqD1Gl74JV2Tl2LS2Rarxoiu_G6x3WpTJOntsW8ksmQBnYa3AT4K8QpYzxL8MkSPiVmAwZ9gTInUL4sG4xQysRHk8pdQuNZWLYJBqz7nQexODB80LJkqzNKSq1kys3_xX6kf0dagQ1yxDgXefOWvOYNfxODPGQPdV7jLoYDuNB-gwcqb04aJHWne7xtnRKINujQM5EYCHTrHQgjiCuOiiO8wZFRRdrR5ZlvXUOkLz5VpBvlNvd37BpUnvUbvtSBNDhk8LTMvfe9FUbhMpqAUrOLlJToObac9L3_XzYga2YYdpKNODNSi_mTn_v5ZA--mlXMVyqQ6YbFS3xloS3FHP88ymauEAyuU9pZuKU3UvCdxFlwwx3jQ41dLEHQ7JjYFtUyPurAQEM5XYiHV6FkcobJmp_qr_3rF4W45cqViy0wOfC81qyibG02eBiiWMvDWRsWgoDvO-JwT7sbNRBZihO5Ghly1jcxt6OexCr1Rz0on5vh91xhOPem8c6KBBMsjI0_OYFSK8aEHFQ7jLQ66C8Y3-iduODiwA&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2414680e01c283d73ef32ae7b77620807f748f2f7eb460aae85be0ca809c0758

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=WXm3XNZwBrxqdo6SrcY7mik4wmGKyEsvOdCV63pBJccFrAw1Ryu-PXd5FM1Ko2mKzA01lqXZUCZFyzU1RoD24LX9VxEWlWFPKQPqm6mT1xPRiHAAZDWucUK_I8a1zkJfoeIqqD1Gl74JV2Tl2LS2Rarxoiu_G6x3WpTJOntsW8ksmQBnYa3AT4K8QpYzxL8MkSPiVmAwZ9gTInUL4sG4xQysRHk8pdQuNZWLYJBqz7nQexODB80LJkqzNKSq1kys3_xX6kf0dagQ1yxDgXefOWvOYNfxODPGQPdV7jLoYDuNB-gwcqb04aJHWne7xtnRKINujQM5EYCHTrHQgjiCuOiiO8wZFRRdrR5ZlvXUOkLz5VpBvlNvd37BpUnvUbvtSBNDhk8LTMvfe9FUbhMpqAUrOLlJToObac9L3_XzYga2YYdpKNODNSi_mTn_v5ZA--mlXMVyqQ6YbFS3xloS3FHP88ymauEAyuU9pZuKU3UvCdxFlwwx3jQ41dLEHQ7JjYFtUyPurAQEM5XYiHV6FkcobJmp_qr_3rF4W45cqViy0wOfC81qyibG02eBiiWMvDWRsWgoDvO-JwT7sbNRBZihO5Ghly1jcxt6OexCr1Rz0on5vh91xhOPem8c6KBBMsjI0_OYFSK8aEHFQ7jLQ66C8Y3-iduODiwA&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB9; OXPCLK=AAHg4AAAAAAAAAB9; ppucnt=125

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB%2B; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
OXPCLK=AAHg4AAAAAAAAAB%2B; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
ppucnt=126; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=WXm3XNZwBrxqdo6SrcY7mik4wmGKyEsvOdCV63pBJccFrAw1Ryu-PXd5FM1Ko2mKzA01lqXZUCZFyzU1RoD24LX9VxEWlWFPKQPqm6mT1xPRiHAAZDWucUK_I8a1zkJfoeIqqD1Gl74JV2Tl2LS2Rarxoiu_G6x3WpTJOntsW8ksmQBnYa3AT4K8QpYzxL8MkSPiVmAwZ9gTInUL4sG4xQysRHk8pdQuNZWLYJBqz7nQexODB80LJkqzNKSq1kys3_xX6kf0dagQ1yxDgXefOWvOYNfxODPGQPdV7jLoYDuNB-gwcqb04aJHWne7xtnRKINujQM5EYCHTrHQgjiCuOiiO8wZFRRdrR5ZlvXUOkLz5VpBvlNvd37BpUnvUbvtSBNDhk8LTMvfe9FUbhMpqAUrOLlJToObac9L3_XzYga2YYdpKNODNSi_mTn_v5ZA--mlXMVyqQ6YbFS3xloS3FHP88ymauEAyuU9pZuKU3UvCdxFlwwx3jQ41dLEHQ7JjYFtUyPurAQEM5XYiHV6FkcobJmp_qr_3rF4W45cqViy0wOfC81qyibG02eBiiWMvDWRsWgoDvO-JwT7sbNRBZihO5Ghly1jcxt6OexCr1Rz0on5vh91xhOPem8c6KBBMsjI0_OYFSK8aEHFQ7jLQ66C8Y3-iduODiwA&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405da4373f8552f4135a09efea643&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3650ee8a80f6f98aeb99ba76248231e11cd2bdafdb5b09a650d45b38af2e2a2b

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB%2B; OXPCLK=AAHg4AAAAAAAAAB%2B; ppucnt=126
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB%2B; OXPCLK=AAHg4AAAAAAAAAB%2B; ppucnt=126
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
1000 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=GsX1LPqwx8OF08t1UBH0PWLzfNNCkhzi8hqD-4mFRNpCa-IzuLEJVVx6hEYWdQltTQegVnRc274y2SC6IYRP0miXJc_NeVN7_l8gOkm8zBAaOLfKtFFRpZdYxeUVzskFpQgkt_v_l3VKGOpziQ4BAFGeQnd9Mufnf7eYWwX5cGDVeZCnsU0SvIvh3FaoSjE5mxhUa0zpcjB1bGPwFbsWeSEZJ447ABmm82_HfuGn6j1DRcHy4DeJ-AJMSAo-VHIHJrpWWBuN_-M2G1ehG9lOZZ44zatmqbLF9RNVTfMtiVlBp9ww10mJWm_KVWGk0bp8aqB064XsnUS77WBHv6U-StMofwHe4JEEc9zA6NoaL6w-AoZ-ewZoL3cOMHkCVpqUfXB-bHo9rdAFLiByfiOG0u77_j7yaKCW-Y1FSOLhStchnEHZuD6vFtD8Dd2JEOcA3Umc89x-DheWq8cgzxG4P1nkQiyKjJqF4Nw7FjfzExJdDgluVxWgcIy6XTYXDOv0c4LKtqsrDXc20qvXCDVpI8K7Nt3k5iDF5pa1wQIHt8FAUZB0ibbWeCTK0dO9lvGXNU31ju15G7mvYB1a99pfolA3vrxTFsikukhF2nuvfo8wYtpLzzo9apl2PBovH-6ev9buTFAO-m7xSzrYehJo1lDTnnbNbK8O0Ux1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f6720056e19d218ca57d58786a5e6baee6e9fc79ff53c7a0f9a3697e24e3d821

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=GsX1LPqwx8OF08t1UBH0PWLzfNNCkhzi8hqD-4mFRNpCa-IzuLEJVVx6hEYWdQltTQegVnRc274y2SC6IYRP0miXJc_NeVN7_l8gOkm8zBAaOLfKtFFRpZdYxeUVzskFpQgkt_v_l3VKGOpziQ4BAFGeQnd9Mufnf7eYWwX5cGDVeZCnsU0SvIvh3FaoSjE5mxhUa0zpcjB1bGPwFbsWeSEZJ447ABmm82_HfuGn6j1DRcHy4DeJ-AJMSAo-VHIHJrpWWBuN_-M2G1ehG9lOZZ44zatmqbLF9RNVTfMtiVlBp9ww10mJWm_KVWGk0bp8aqB064XsnUS77WBHv6U-StMofwHe4JEEc9zA6NoaL6w-AoZ-ewZoL3cOMHkCVpqUfXB-bHo9rdAFLiByfiOG0u77_j7yaKCW-Y1FSOLhStchnEHZuD6vFtD8Dd2JEOcA3Umc89x-DheWq8cgzxG4P1nkQiyKjJqF4Nw7FjfzExJdDgluVxWgcIy6XTYXDOv0c4LKtqsrDXc20qvXCDVpI8K7Nt3k5iDF5pa1wQIHt8FAUZB0ibbWeCTK0dO9lvGXNU31ju15G7mvYB1a99pfolA3vrxTFsikukhF2nuvfo8wYtpLzzo9apl2PBovH-6ev9buTFAO-m7xSzrYehJo1lDTnnbNbK8O0Ux1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB%2B; OXPCLK=AAHg4AAAAAAAAAB%2B; ppucnt=126
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAAB%2F; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure OXPCLK=AAHg4AAAAAAAAAB%2F; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure ppucnt=127; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=GsX1LPqwx8OF08t1UBH0PWLzfNNCkhzi8hqD-4mFRNpCa-IzuLEJVVx6hEYWdQltTQegVnRc274y2SC6IYRP0miXJc_NeVN7_l8gOkm8zBAaOLfKtFFRpZdYxeUVzskFpQgkt_v_l3VKGOpziQ4BAFGeQnd9Mufnf7eYWwX5cGDVeZCnsU0SvIvh3FaoSjE5mxhUa0zpcjB1bGPwFbsWeSEZJ447ABmm82_HfuGn6j1DRcHy4DeJ-AJMSAo-VHIHJrpWWBuN_-M2G1ehG9lOZZ44zatmqbLF9RNVTfMtiVlBp9ww10mJWm_KVWGk0bp8aqB064XsnUS77WBHv6U-StMofwHe4JEEc9zA6NoaL6w-AoZ-ewZoL3cOMHkCVpqUfXB-bHo9rdAFLiByfiOG0u77_j7yaKCW-Y1FSOLhStchnEHZuD6vFtD8Dd2JEOcA3Umc89x-DheWq8cgzxG4P1nkQiyKjJqF4Nw7FjfzExJdDgluVxWgcIy6XTYXDOv0c4LKtqsrDXc20qvXCDVpI8K7Nt3k5iDF5pa1wQIHt8FAUZB0ibbWeCTK0dO9lvGXNU31ju15G7mvYB1a99pfolA3vrxTFsikukhF2nuvfo8wYtpLzzo9apl2PBovH-6ev9buTFAO-m7xSzrYehJo1lDTnnbNbK8O0Ux1&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214055016fc9322414cda8fb4352871&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e1bafb823f955104849bfca3de0f6530fda82bb5f171ea507edf495b25b6f6a4

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB%2F; OXPCLK=AAHg4AAAAAAAAAB%2F; ppucnt=127
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB%2F; OXPCLK=AAHg4AAAAAAAAAB%2F; ppucnt=127
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
997 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=1jmRBcXGjq9vSR3SExKpEvuLBA2Id8sfC4u4g0wnDNEgYmdrhf1HNqVlmBRwQHPxvhE6OWMwF0CRrMvtfBYZJHW5HDDJFV4G1kAbWWkHFbOHP5i1bi3sU0loRa_YFogDSvQcNyju5n4r7m9x4LGr3-OXyJP4rNGuOBw2GZ4VqZ-aW3eOQFMV3t1CDcHEfqsMjPZ8HV7rslJfVQagShTWmqD4d1UzYqh3cckG7gYjgDtupHAFEBbax8G_KjkYFd_TnxxcFB4rNCEuEFXUT2qBSi6rqwZpBsTOQvDHPjqoadVGOM-4c4Pq3yss9bqPOmytOX90YL0owe6eCKk6bkeHd_Q74Qt9GpS7Fust5SGLRFrCmTuJM7AI7LCyGtcOew09G9A3dIazGk6s2VOLdZ17KNfKdkzEoIwdgAJP1_7VS_-X_KRHjJuk7gsMA7D-QH7HqZcaMPxRnBuemVObEqAYZK3nvmmVZqf9Z6UlJZ-rRfzzPdyOMKQ5KOsgNAg5Opnc_KpM3xmicfv44YhPLhdmMYQsE0n0qpd12hnL3Oo26bUoNOs6EEoPOyppzy5kwQr6GXJYnKSRDBsGoZoRe797MWNl1cSoazuA9orsKR3rVkB_DPn8T2yaad6C4KjYHjD4BQ4eHhuT6ZZgFCXAxPX_uYpHW3Wo937k0xs9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
518e9807cf373f1d72dd8bd409124cf61bc4533194b06edd6d0941b61820465c

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=1jmRBcXGjq9vSR3SExKpEvuLBA2Id8sfC4u4g0wnDNEgYmdrhf1HNqVlmBRwQHPxvhE6OWMwF0CRrMvtfBYZJHW5HDDJFV4G1kAbWWkHFbOHP5i1bi3sU0loRa_YFogDSvQcNyju5n4r7m9x4LGr3-OXyJP4rNGuOBw2GZ4VqZ-aW3eOQFMV3t1CDcHEfqsMjPZ8HV7rslJfVQagShTWmqD4d1UzYqh3cckG7gYjgDtupHAFEBbax8G_KjkYFd_TnxxcFB4rNCEuEFXUT2qBSi6rqwZpBsTOQvDHPjqoadVGOM-4c4Pq3yss9bqPOmytOX90YL0owe6eCKk6bkeHd_Q74Qt9GpS7Fust5SGLRFrCmTuJM7AI7LCyGtcOew09G9A3dIazGk6s2VOLdZ17KNfKdkzEoIwdgAJP1_7VS_-X_KRHjJuk7gsMA7D-QH7HqZcaMPxRnBuemVObEqAYZK3nvmmVZqf9Z6UlJZ-rRfzzPdyOMKQ5KOsgNAg5Opnc_KpM3xmicfv44YhPLhdmMYQsE0n0qpd12hnL3Oo26bUoNOs6EEoPOyppzy5kwQr6GXJYnKSRDBsGoZoRe797MWNl1cSoazuA9orsKR3rVkB_DPn8T2yaad6C4KjYHjD4BQ4eHhuT6ZZgFCXAxPX_uYpHW3Wo937k0xs9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAAB%2F; OXPCLK=AAHg4AAAAAAAAAB%2F; ppucnt=127
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAACA; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure OXPCLK=AAHg4AAAAAAAAACA; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure ppucnt=128; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=1jmRBcXGjq9vSR3SExKpEvuLBA2Id8sfC4u4g0wnDNEgYmdrhf1HNqVlmBRwQHPxvhE6OWMwF0CRrMvtfBYZJHW5HDDJFV4G1kAbWWkHFbOHP5i1bi3sU0loRa_YFogDSvQcNyju5n4r7m9x4LGr3-OXyJP4rNGuOBw2GZ4VqZ-aW3eOQFMV3t1CDcHEfqsMjPZ8HV7rslJfVQagShTWmqD4d1UzYqh3cckG7gYjgDtupHAFEBbax8G_KjkYFd_TnxxcFB4rNCEuEFXUT2qBSi6rqwZpBsTOQvDHPjqoadVGOM-4c4Pq3yss9bqPOmytOX90YL0owe6eCKk6bkeHd_Q74Qt9GpS7Fust5SGLRFrCmTuJM7AI7LCyGtcOew09G9A3dIazGk6s2VOLdZ17KNfKdkzEoIwdgAJP1_7VS_-X_KRHjJuk7gsMA7D-QH7HqZcaMPxRnBuemVObEqAYZK3nvmmVZqf9Z6UlJZ-rRfzzPdyOMKQ5KOsgNAg5Opnc_KpM3xmicfv44YhPLhdmMYQsE0n0qpd12hnL3Oo26bUoNOs6EEoPOyppzy5kwQr6GXJYnKSRDBsGoZoRe797MWNl1cSoazuA9orsKR3rVkB_DPn8T2yaad6C4KjYHjD4BQ4eHhuT6ZZgFCXAxPX_uYpHW3Wo937k0xs9&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=2109121405237acc945a004b9288aa6608f0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6a4aa8180daadcf74be3a7d2153ec8f9e101bfb52b04c02f1cec10e0c11f8d6f

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACA; OXPCLK=AAHg4AAAAAAAAACA; ppucnt=128
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACA; OXPCLK=AAHg4AAAAAAAAACA; ppucnt=128
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=Hp35ZqycdmGKJX53Gu0RnmWWIFQ44iDhljplIFRSfmeEeN_Dr4jKXc7n_4mi5AJgz6izp6yjyVwJ2ppFQJwNYEDH8RTgNUaYLzXj686nYlXRKfctj3QMRp1Rt1di6ZHv8oxh0i3aJBCJIXaRFlVHsfhvQOSpcoRr5TTvnrjrDUuEEYU9rciHXVA1XzykifV6C0yga7Ek4eFekDjHn-g273xK-yhOBEQztLusP2giLt6djr3wmxkXOxnRg_RTQB4TpCezghL96hP7NMEby0gaqA4A9W0gDrt-k-3xRi7fqHeg6-acjqIKrh8PkqLsvoIJfBjFxlKAieq72tJsOLw5o9uvXcyKDqi9dztQJKzgZ8U6lYsuXcu0WgF1Ub0u6c2KPQe9Q3VfYviN3nEK83CBUv7TJdHao4IlxxM5ftk3rRZ-kRsYhr44XfWXyIwV3o_9xdJCHaBj3YtBoZ5d2Gj0HNTuB5mwld1PziKNNpoX39W0epBq2zaF5qtg2JzIXOqlJdU7L4PMARqiAS9q8j7PwSiJKmoDZC7RLZ7FEfWfEXLl1Kb1GNxoThubaJ_tumY_jdOB-bDKfHLzTjiB38O3w3C6Csee--vZgNfNXnv89C8-7RbZ27eyXnYbzp0KADhHJlgxTPCRyenlTAW8iGBuQjF5vj47bWOQRkOH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b13143a5d905ce83ef17a9d2426e1049a164d9220b5cf1488ad23f721fb71675

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=Hp35ZqycdmGKJX53Gu0RnmWWIFQ44iDhljplIFRSfmeEeN_Dr4jKXc7n_4mi5AJgz6izp6yjyVwJ2ppFQJwNYEDH8RTgNUaYLzXj686nYlXRKfctj3QMRp1Rt1di6ZHv8oxh0i3aJBCJIXaRFlVHsfhvQOSpcoRr5TTvnrjrDUuEEYU9rciHXVA1XzykifV6C0yga7Ek4eFekDjHn-g273xK-yhOBEQztLusP2giLt6djr3wmxkXOxnRg_RTQB4TpCezghL96hP7NMEby0gaqA4A9W0gDrt-k-3xRi7fqHeg6-acjqIKrh8PkqLsvoIJfBjFxlKAieq72tJsOLw5o9uvXcyKDqi9dztQJKzgZ8U6lYsuXcu0WgF1Ub0u6c2KPQe9Q3VfYviN3nEK83CBUv7TJdHao4IlxxM5ftk3rRZ-kRsYhr44XfWXyIwV3o_9xdJCHaBj3YtBoZ5d2Gj0HNTuB5mwld1PziKNNpoX39W0epBq2zaF5qtg2JzIXOqlJdU7L4PMARqiAS9q8j7PwSiJKmoDZC7RLZ7FEfWfEXLl1Kb1GNxoThubaJ_tumY_jdOB-bDKfHLzTjiB38O3w3C6Csee--vZgNfNXnv89C8-7RbZ27eyXnYbzp0KADhHJlgxTPCRyenlTAW8iGBuQjF5vj47bWOQRkOH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACA; OXPCLK=AAHg4AAAAAAAAACA; ppucnt=128
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAACB; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
OXPCLK=AAHg4AAAAAAAAACB; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
ppucnt=129; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=Hp35ZqycdmGKJX53Gu0RnmWWIFQ44iDhljplIFRSfmeEeN_Dr4jKXc7n_4mi5AJgz6izp6yjyVwJ2ppFQJwNYEDH8RTgNUaYLzXj686nYlXRKfctj3QMRp1Rt1di6ZHv8oxh0i3aJBCJIXaRFlVHsfhvQOSpcoRr5TTvnrjrDUuEEYU9rciHXVA1XzykifV6C0yga7Ek4eFekDjHn-g273xK-yhOBEQztLusP2giLt6djr3wmxkXOxnRg_RTQB4TpCezghL96hP7NMEby0gaqA4A9W0gDrt-k-3xRi7fqHeg6-acjqIKrh8PkqLsvoIJfBjFxlKAieq72tJsOLw5o9uvXcyKDqi9dztQJKzgZ8U6lYsuXcu0WgF1Ub0u6c2KPQe9Q3VfYviN3nEK83CBUv7TJdHao4IlxxM5ftk3rRZ-kRsYhr44XfWXyIwV3o_9xdJCHaBj3YtBoZ5d2Gj0HNTuB5mwld1PziKNNpoX39W0epBq2zaF5qtg2JzIXOqlJdU7L4PMARqiAS9q8j7PwSiJKmoDZC7RLZ7FEfWfEXLl1Kb1GNxoThubaJ_tumY_jdOB-bDKfHLzTjiB38O3w3C6Csee--vZgNfNXnv89C8-7RbZ27eyXnYbzp0KADhHJlgxTPCRyenlTAW8iGBuQjF5vj47bWOQRkOH&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=210912140576937e98058e470c8871985058&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
97c9deaad3bb6c3d8cba1eb8d401695117bdd2e274b7d1b29728ca8345025fb9

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACB; OXPCLK=AAHg4AAAAAAAAACB; ppucnt=129
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACB; OXPCLK=AAHg4AAAAAAAAACB; ppucnt=129
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
995 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=krSLzhBNDY99HjhnpQMu-aALz2EqFJGk65HN1amuw-zf_QCVGa3MWHzWyhAgUuX2Dra24QN_0tQHKdVyuppOvA-r31y2f4D6Uppj5V4defMWqcJ1BUFxjJniltG0cGvMW_cHFBP6Nod-7Nv_IQ8TiyeAleO2JaGWxgoNhso0Sm22ZsptMayNe_sHiJ0x0t22l-CBVG_ZZ5yix-d1nK2HgDzw6fDilxXyqpA4iVf5VyB-Q7l4OfwivkFNJVCSkDt7ni9Nml-EsDBT1Pp0515UEB-NkbeRGCOcXKSSYdixAk8wJzFOzrBmHSTqAHel9mQyhGJKiC09cBy5KGPWU_1gxFXXzdIYn07BHnMiYARMS_BbMx37CnmtcBouXlup5fapRVpFMUpAMfkuOePO9VJspTAjTcaxSGbqZSTIoFJd2dLh2LtKUvDTmqe4p7eu3zmkleVZTja8IgmhWdUZmar5C-dJD8RkeYkkgChcuqcgRmVetogP--_tvqDA1Xvum9-fVLSCMMG4IZ0uQ9y6SPhlYSs3s8I53sHYRpjqV-FOCIq7Nu1zECjHmNIg3G-CUzeFq-p0NVPfa-F6ITAZ3hjOwnRvEyaI6xo5FESvN-oLqEnlmeYbY1YMcclJ5IPTHSVo0KuWQ-GI5eFfkywMObp-J455nWfRqxy68rYf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=krSLzhBNDY99HjhnpQMu-aALz2EqFJGk65HN1amuw-zf_QCVGa3MWHzWyhAgUuX2Dra24QN_0tQHKdVyuppOvA-r31y2f4D6Uppj5V4defMWqcJ1BUFxjJniltG0cGvMW_cHFBP6Nod-7Nv_IQ8TiyeAleO2JaGWxgoNhso0Sm22ZsptMayNe_sHiJ0x0t22l-CBVG_ZZ5yix-d1nK2HgDzw6fDilxXyqpA4iVf5VyB-Q7l4OfwivkFNJVCSkDt7ni9Nml-EsDBT1Pp0515UEB-NkbeRGCOcXKSSYdixAk8wJzFOzrBmHSTqAHel9mQyhGJKiC09cBy5KGPWU_1gxFXXzdIYn07BHnMiYARMS_BbMx37CnmtcBouXlup5fapRVpFMUpAMfkuOePO9VJspTAjTcaxSGbqZSTIoFJd2dLh2LtKUvDTmqe4p7eu3zmkleVZTja8IgmhWdUZmar5C-dJD8RkeYkkgChcuqcgRmVetogP--_tvqDA1Xvum9-fVLSCMMG4IZ0uQ9y6SPhlYSs3s8I53sHYRpjqV-FOCIq7Nu1zECjHmNIg3G-CUzeFq-p0NVPfa-F6ITAZ3hjOwnRvEyaI6xo5FESvN-oLqEnlmeYbY1YMcclJ5IPTHSVo0KuWQ-GI5eFfkywMObp-J455nWfRqxy68rYf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACB; OXPCLK=AAHg4AAAAAAAAACB; ppucnt=129
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAACC; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
OXPCLK=AAHg4AAAAAAAAACC; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
ppucnt=130; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:52 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=krSLzhBNDY99HjhnpQMu-aALz2EqFJGk65HN1amuw-zf_QCVGa3MWHzWyhAgUuX2Dra24QN_0tQHKdVyuppOvA-r31y2f4D6Uppj5V4defMWqcJ1BUFxjJniltG0cGvMW_cHFBP6Nod-7Nv_IQ8TiyeAleO2JaGWxgoNhso0Sm22ZsptMayNe_sHiJ0x0t22l-CBVG_ZZ5yix-d1nK2HgDzw6fDilxXyqpA4iVf5VyB-Q7l4OfwivkFNJVCSkDt7ni9Nml-EsDBT1Pp0515UEB-NkbeRGCOcXKSSYdixAk8wJzFOzrBmHSTqAHel9mQyhGJKiC09cBy5KGPWU_1gxFXXzdIYn07BHnMiYARMS_BbMx37CnmtcBouXlup5fapRVpFMUpAMfkuOePO9VJspTAjTcaxSGbqZSTIoFJd2dLh2LtKUvDTmqe4p7eu3zmkleVZTja8IgmhWdUZmar5C-dJD8RkeYkkgChcuqcgRmVetogP--_tvqDA1Xvum9-fVLSCMMG4IZ0uQ9y6SPhlYSs3s8I53sHYRpjqV-FOCIq7Nu1zECjHmNIg3G-CUzeFq-p0NVPfa-F6ITAZ3hjOwnRvEyaI6xo5FESvN-oLqEnlmeYbY1YMcclJ5IPTHSVo0KuWQ-GI5eFfkywMObp-J455nWfRqxy68rYf&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214050c52e3e8f77442eebcc8dbf7ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
44ad675494b4206be8c0335413b5e79e8a8f6cff0ca8531d28d9c18f8ca6d1da

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACC; OXPCLK=AAHg4AAAAAAAAACC; ppucnt=130
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACC; OXPCLK=AAHg4AAAAAAAAACC; ppucnt=130
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
997 B
996 B
Document
General
Full URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=gw80njn0DmKzqxGKvA15HY0Fi5EMzaG6OXw7St-vX7ASkgEiypUJTcKHFby5peMNXPTiwbLNpQ6uCFSTnde1hUQRu4vf1kOFSx3PpGjcXseyLkiRWuRs4N-fzSZqaHnAZh8g8ox6ZQiNyHTzFO_MyGkwFRzwsihUMI7DUnwknTlikrX8vKlZeGnNpsoPGVrFNVFWghWkPptmPhpk94IF4TGyoy5u-iBLbc4Sb-vqZp9aXHPx8B6DHW0F77bJKhq_UqC_2zrRQVQgeWFwuB5b8P50O8cS-UzjUhsrC9TTUaYK_tEe5572voCC75LdttZ3ho6ojoPB8EIWNYc11afJWphBI9uSliFxPYf8_Au69sk_RGF9HtMG7nFq8DBw-4H0k7j46bDwbox2E5udqdPszfdB69dCaPbt4OvJs6r8dcRgb_wWwSJ0qooWzOJO0b3VdGlbMQfA0cQLGnp6MHg4Ljd_yauhU4AnRHzezBsq7pzXeuf5of2QW6W8dPd3muvRKS8b2zZLgVEWWAzO0N350INbFcHFUM3AAj47acz1vShqwIIo6SrnW8l5IWkqCeKWUIQwNWqEMCyCuivppnnyuekBFWUlPB9QY1SbtHLpKjSJM5B0c0M9zP9Iy9Fxbev64ffEtQwPHBBeBXC4S8wUVc_xWKJQcp1x0Q0J&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ee2c6ccccf44888393e5461a80725d046b925c2e940bd39cbbff7978ccd95fe8

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=gw80njn0DmKzqxGKvA15HY0Fi5EMzaG6OXw7St-vX7ASkgEiypUJTcKHFby5peMNXPTiwbLNpQ6uCFSTnde1hUQRu4vf1kOFSx3PpGjcXseyLkiRWuRs4N-fzSZqaHnAZh8g8ox6ZQiNyHTzFO_MyGkwFRzwsihUMI7DUnwknTlikrX8vKlZeGnNpsoPGVrFNVFWghWkPptmPhpk94IF4TGyoy5u-iBLbc4Sb-vqZp9aXHPx8B6DHW0F77bJKhq_UqC_2zrRQVQgeWFwuB5b8P50O8cS-UzjUhsrC9TTUaYK_tEe5572voCC75LdttZ3ho6ojoPB8EIWNYc11afJWphBI9uSliFxPYf8_Au69sk_RGF9HtMG7nFq8DBw-4H0k7j46bDwbox2E5udqdPszfdB69dCaPbt4OvJs6r8dcRgb_wWwSJ0qooWzOJO0b3VdGlbMQfA0cQLGnp6MHg4Ljd_yauhU4AnRHzezBsq7pzXeuf5of2QW6W8dPd3muvRKS8b2zZLgVEWWAzO0N350INbFcHFUM3AAj47acz1vShqwIIo6SrnW8l5IWkqCeKWUIQwNWqEMCyCuivppnnyuekBFWUlPB9QY1SbtHLpKjSJM5B0c0M9zP9Iy9Fxbev64ffEtQwPHBBeBXC4S8wUVc_xWKJQcp1x0Q0J&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACC; OXPCLK=AAHg4AAAAAAAAACC; ppucnt=130
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABPemAAAAAAAAACD; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:53 GMT; Secure
OXPCLK=AAHg4AAAAAAAAACD; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:53 GMT; Secure
ppucnt=131; Path=/; SameSite=None; Expires=Mon, 13 Sep 2021 19:05:53 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/
6 KB
7 KB
Document
General
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=8b99226f723ef7cb735e7337152bbcd41631480752&psp=gw80njn0DmKzqxGKvA15HY0Fi5EMzaG6OXw7St-vX7ASkgEiypUJTcKHFby5peMNXPTiwbLNpQ6uCFSTnde1hUQRu4vf1kOFSx3PpGjcXseyLkiRWuRs4N-fzSZqaHnAZh8g8ox6ZQiNyHTzFO_MyGkwFRzwsihUMI7DUnwknTlikrX8vKlZeGnNpsoPGVrFNVFWghWkPptmPhpk94IF4TGyoy5u-iBLbc4Sb-vqZp9aXHPx8B6DHW0F77bJKhq_UqC_2zrRQVQgeWFwuB5b8P50O8cS-UzjUhsrC9TTUaYK_tEe5572voCC75LdttZ3ho6ojoPB8EIWNYc11afJWphBI9uSliFxPYf8_Au69sk_RGF9HtMG7nFq8DBw-4H0k7j46bDwbox2E5udqdPszfdB69dCaPbt4OvJs6r8dcRgb_wWwSJ0qooWzOJO0b3VdGlbMQfA0cQLGnp6MHg4Ljd_yauhU4AnRHzezBsq7pzXeuf5of2QW6W8dPd3muvRKS8b2zZLgVEWWAzO0N350INbFcHFUM3AAj47acz1vShqwIIo6SrnW8l5IWkqCeKWUIQwNWqEMCyCuivppnnyuekBFWUlPB9QY1SbtHLpKjSJM5B0c0M9zP9Iy9Fxbev64ffEtQwPHBBeBXC4S8wUVc_xWKJQcp1x0Q0J&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
704ac850576addb36549716f2a7a2dc0e1cfd2ec0fb7316e8fb8c59c224eb52a

Request headers

:method
GET
:authority
517s61.reminews.com
:scheme
https
:path
/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
content-type
text/html; charset=utf-8
content-length
6608
server
nginx/1.18.0
last-modified
Tue, 07 Sep 2021 11:13:16 GMT
etag
656623aae06642bf44c396460a413655
x-timestamp
1631013195.64402
x-trans-id
txe78cf2de54ea4adea619e-00613750ad
x-openstack-request-id
txe78cf2de54ea4adea619e-00613750ad
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Tue, 14 Sep 2021 19:05:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
script.js
123.selornews.com/dannig/common-player-arrow/
4 KB
5 KB
Script
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
tx3f300fde9e684a8e95dd6-00613750ac
x-trans-id
tx3f300fde9e684a8e95dd6-00613750ac
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
tx1b65a216209440aa8be71-00613750a9
x-trans-id
tx1b65a216209440aa8be71-00613750a9
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
tx7e235a6f2e9242cb827db-00613750a9
x-trans-id
tx7e235a6f2e9242cb827db-00613750a9
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/
8 KB
8 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
tx1184a24ef66f41aebc875-00613750a9
x-trans-id
tx1184a24ef66f41aebc875-00613750a9
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/
7 KB
7 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
tx2f01e79626524bae824b1-00613750a9
x-trans-id
tx2f01e79626524bae824b1-00613750a9
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
txe92410c585314b5ca4ebf-00613750a9
x-trans-id
txe92410c585314b5ca4ebf-00613750a9
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/
3 KB
4 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
txc4389a8ee6ec46f19abba-00613750a9
x-trans-id
txc4389a8ee6ec46f19abba-00613750a9
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/
4 KB
5 KB
Image
General
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1860159&ymid=21091214051f9c4ac0bd5e42dbb76242b63d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
x-openstack-request-id
txa4aa7b8a44b344358e434-00613750ac
x-trans-id
txa4aa7b8a44b344358e434-00613750ac
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:05:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
Primary Request afu.php
acofrnsr44es3954b.com/
2 KB
1 KB
Document
General
Full URL
https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5f42632e1a46fa0ea6306c0f5f17eee2f0f977f6d6ee87f0ed2ffe12ed63b816

Request headers

:method
GET
:authority
acofrnsr44es3954b.com
:scheme
https
:path
/afu.php?zoneid=1860159&var=1860159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACD; OXPCLK=AAHg4AAAAAAAAACD; ppucnt=131
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 12 Sep 2021 19:05:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
acofrnsr44es3954b.com/
32 KB
13 KB
Script
General
Full URL
https://acofrnsr44es3954b.com/submit.min.js?2.0
Requested by
Host: acofrnsr44es3954b.com
URL: https://acofrnsr44es3954b.com/afu.php?zoneid=1860159&var=1860159
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
acofrnsr44es3954b.com
cookie
UID=2109121405b018471e72904644980c67d2a5; OXCCLK=ABPemAAAAAAAAACD; OXPCLK=AAHg4AAAAAAAAACD; ppucnt=131
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 19:05:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
acofrnsr44es3954b.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Domain
acofrnsr44es3954b.com
URL
https://acofrnsr44es3954b.com/?r=dir&zoneid=1860159&var=1860159&pb=cf192c88795894ce2e8912cd15e992681631480753&psp=4ZLc7heZVvXc2LwvZGvSRENhO0NQbGqUCbb04hX9YLqLy9XqIv8QLt14Dh2NdwAsZZYhIsZntNmvBNVnALdnMVLN9CrITkyYSXi2INVBKaCi5Cs3wfdNeK9_4TQieJAd8xs78I_L-oQg1mjs0-Pga9AD74fMoagSCyFgwIqUkJVk6EpeGANb-Vv12oy-id_lXSlzuB9L2RpV5J1ytWo_mzx4dX8tJUnVyWy1yOny8q2JLWvI8xioRjlSS_FrM1qZ2YglakF201Lr15cHvj5nCB42P5Z2Q6a52BAOoU9NDXeFE3_Hk7HZ_mkKzpyTRbjTv6sPVk-54MZ5C39OaC4whNZaLXvo9EL6UaknkHOyu-AqkSjnBLwvdq0cVAaSV_HD7kODOhinXSfV--FeqJbQqdo7c-5F1cyVpFxYE0YJKJKfuxe3TE8DQqlhglkX1iMWhL-GL2RxSF5EsUAMo01tbbagmTKCa00XFZs5MF_QnlscO7LtspoWAffymeXJqsIAzJKu-LZZ3tFv_0P7cSBnMC7DOCoWUePAa9WUH1FU3AXfTu1PzI7UYGNt30jjGgVckKNbPorkQzAcAqlbNjnmfzieH-u_SKD9n3c-UIYK9peprFHSTvjhoGodKPZdIoeOI1wQvoWzlC23YF4F6qdzHkLVoYbg9fcTX2Qw&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
acofrnsr44es3954b.com/ Name: UID
Value: 2109121405b018471e72904644980c67d2a5
acofrnsr44es3954b.com/ Name: OXCCLK
Value: ABPemAAAAAAAAACC
acofrnsr44es3954b.com/ Name: OXPCLK
Value: AAHg4AAAAAAAAACC
acofrnsr44es3954b.com/ Name: ppucnt
Value: 130

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
